.NET 6.0 Security Vulnerabilities

CVE-2024-21409

.NET, .NET Framework, and Visual Studio Remote Code Execution...

CVE-2024-21404

.NET Denial of Service...

CVE-2024-21319

Microsoft Identity Denial of service...

CVE-2024-20672

.NET Denial of Service...

CVE-2024-0057

NET, .NET Framework, and Visual Studio Security Feature Bypass...

CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass...

CVE-2023-36558

ASP.NET Core - Security Feature Bypass...

CVE-2023-36049

.NET, .NET Framework, and Visual Studio Elevation of Privilege...

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...

CVE-2023-36799

.NET Core and Visual Studio Denial of Service...

CVE-2023-36796

Visual Studio Remote Code Execution...

CVE-2023-36793

Visual Studio Remote Code Execution...

CVE-2023-36792

Visual Studio Remote Code Execution...

CVE-2023-36794

Visual Studio Remote Code Execution...

CVE-2023-38180

.NET and Visual Studio Denial of Service...

CVE-2023-35391

ASP.NET Core SignalR and Visual Studio Information Disclosure...

CVE-2023-38178

.NET Core and Visual Studio Denial of Service...

CVE-2023-35390

.NET and Visual Studio Remote Code Execution...

CVE-2023-33170

ASP.NET and Visual Studio Security Feature Bypass...

CVE-2023-33127

.NET and Visual Studio Elevation of Privilege...

CVE-2023-24936

.NET, .NET Framework, and Visual Studio Elevation of Privilege...

CVE-2023-24897

.NET, .NET Framework, and Visual Studio Remote Code Execution...

CVE-2023-29331

.NET, .NET Framework, and Visual Studio Denial of Service...

CVE-2023-33135

.NET and Visual Studio Elevation of Privilege...

CVE-2023-33128

.NET and Visual Studio Remote Code Execution...

CVE-2023-33126

.NET and Visual Studio Remote Code Execution...

CVE-2023-28260

.NET DLL Hijacking Remote Code Execution...

CVE-2023-21808

.NET and Visual Studio Remote Code Execution...

CVE-2023-21538

.NET Denial of Service...

CVE-2022-41089

.NET Framework Remote Code Execution...

CVE-2022-41032

NuGet Client Elevation of Privilege...

CVE-2022-38013

.NET Core and Visual Studio Denial of Service...

CVE-2022-34716

.NET Spoofing...

CVE-2022-30184

.NET and Visual Studio Information Disclosure...

CVE-2022-29145

.NET and Visual Studio Denial of Service...

CVE-2022-29117

.NET and Visual Studio Denial of Service...

CVE-2022-23267

.NET and Visual Studio Denial of Service...

CVE-2022-24512

.NET and Visual Studio Remote Code Execution...

CVE-2022-24464

.NET and Visual Studio Denial of Service...

CVE-2022-21986

.NET Denial of Service...

CVE-2019-0657

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing...

CVE-2018-8292

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core...

CVE-2018-0786

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass...

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from...

CVE-2008-6854

Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain...

CVE-2008-4255

Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote....

CVE-2008-4256

The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted.....

CVE-2008-4252

The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of...

CVE-2008-4254

Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll.....

CVE-2008-4253

The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code...