Microsoft Microsoft.Netcore.App.Runtime.Linux-Musl-Arm64 vulnerabilities
26 known vulnerabilities affecting microsoft/microsoft.netcore.app.runtime.linux-musl-arm64.
Total CVEs
26
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH17MEDIUM9
Vulnerabilities
Page 1 of 2
CVE-2026-32178HIGHCVSS 7.5≥ 10.0.0, < 10.0.6≥ 9.0.0, < 9.0.15+1 more2026-04-14
CVE-2026-32178 [HIGH] CWE-138 Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability
Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability
## Executive Summary:
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in System.Net.Mail where
ghsa
CVE-2026-26131HIGHCVSS 7.8≥ 10.0.0, < 10.0.42026-03-11
CVE-2026-26131 [HIGH] CWE-276 .NET Elevation of Privilege Vulnerability
.NET Elevation of Privilege Vulnerability
# Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
An elevation of privilege vulnerability exist
ghsaosv
CVE-2026-26127HIGHCVSS 7.5≥ 9.0.0, < 9.0.14≥ 10.0.0, < 10.0.42026-03-11
CVE-2026-26127 [HIGH] CWE-125 .NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2026-26127 – .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial of service vulnerability exists in .NE
ghsaosv
CVE-2025-55248MEDIUMCVSS 5.7≥ 9.0.0, < 9.0.10≥ 8.0.0, < 8.0.212025-10-15
CVE-2025-55248 [MEDIUM] CWE-326 Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability
Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability
# Microsoft Security Advisory CVE-2025-55248 | .NET Information Disclosure Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to
ghsaosv
CVE-2025-36853HIGHCVSS 7.5≥ >=6.0.0, ≤ 6.0.362025-09-08
CVE-2025-36853 [HIGH] CWE-190 EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
A vulnerability (CVE-2025-21172) exists in msdia140.dll due to integer overflow and heap-based overflow.
Per CWE-122: Heap-based Buffer Overflow, a heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as mal
cvelistv5
CVE-2025-30399HIGHCVSS 7.5≥ 9.0.0, < 9.0.6≥ 8.0.0, < 8.0.172025-06-11
CVE-2025-30399 [HIGH] CWE-426 Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability
Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability
# Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remo
ghsaosv
CVE-2025-21176HIGHCVSS 8.8≥ 9.0.0, < 9.0.1≥ 8.0.0, < 8.0.122025-01-14
CVE-2025-21176 [HIGH] CWE-126 Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory a
ghsaosv
CVE-2025-21172HIGHCVSS 7.5≥ >=6.0.0, ≤ 6.0.362025-01-14
CVE-2025-21172 [HIGH] CWE-122 CVE-2025-21172: .NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
ghsanvdosv
CVE-2025-21171HIGHCVSS 7.5≥ 9.0.0, < 9.0.12025-01-14
CVE-2025-21171 [HIGH] CWE-122 Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their app
ghsaosv
CVE-2024-38167MEDIUMCVSS 6.5≥ 8.0.0, < 8.0.82024-08-13
CVE-2024-38167 [MEDIUM] CWE-319 Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
# Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update thei
ghsaosv
CVE-2024-38095HIGHCVSS 7.5≥ 8.0.0, < 8.0.7≥ 6.0.0, < 6.0.322024-07-09
CVE-2024-38095 [HIGH] CWE-20 Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their app
ghsaosv
CVE-2024-30045MEDIUMCVSS 6.3≥ 8.0.0, < 8.0.5≥ 7.0.0, < 7.0.192024-05-14
CVE-2024-30045 [MEDIUM] CWE-122 Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
# Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their appli
ghsaosv
CVE-2024-21392HIGHCVSS 7.5≥ 7.0.0-preview.1.22076.8, < 7.0.17≥ 8.0.0, < 8.0.32024-03-12
CVE-2024-21392 [HIGH] CWE-400 Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0 . This advisory also provides guidance on what developers can do to update their appl
ghsaosv
CVE-2023-36799MEDIUMCVSS 6.5≥ 7.0.0, < 7.0.11≥ 6.0.0, < 6.0.222023-09-12
CVE-2023-36799 [MEDIUM] CWE-400 Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their app
ghsaosv
CVE-2023-33128HIGHCVSS 7.3≥ 7.0.0, < 7.0.72023-06-14
CVE-2023-33128 [HIGH] CWE-416 .NET Remote Code Execution Vulnerability
.NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-33128: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET source generator fo
ghsaosv
CVE-2023-24936HIGHCVSS 7.5≥ 7.0.0, < 7.0.7≥ 6.0.0, < 6.0.182023-06-14
CVE-2023-24936 [HIGH] .NET Elevation of Privilege Vulnerability
.NET Elevation of Privilege Vulnerability
# Microsoft Security Advisory CVE-2023-24936: .NET Elevation of Privilege Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET when deseri
ghsaosv
CVE-2023-29331HIGHCVSS 7.5≥ 7.0.0, < 7.0.7≥ 6.0.0, < 6.0.182023-06-14
CVE-2023-29331 [HIGH] CWE-400 .NET Denial of Service vulnerability
.NET Denial of Service vulnerability
# Microsoft Security Advisory CVE-2023-29331: .NET Denial of Service vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET when processing X.
ghsaosv
CVE-2023-21538HIGHCVSS 7.5≥ 6.0.0, < 6.0.132023-01-10
CVE-2023-21538 [HIGH] CWE-502 .NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2023-21538: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial of service vulnerability exists in .NET 6.0 where a m
ghsaosv
CVE-2021-26423HIGHCVSS 7.5≥ 3.1.0, < 3.1.18≥ 5.0.0, < 5.0.92022-10-25
CVE-2021-26423 [HIGH] .NET Core Elevation of Privilege Vulnerability
.NET Core Elevation of Privilege Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial of service vulnerability exists in .NET 5.0, .NET Core 3.1 and .NET Core 2.1 where .NET (Core) server applications providing WebS
ghsaosv
CVE-2021-34485MEDIUMCVSS 5.5≥ 3.1.0, < 3.1.18≥ 5.0.0, < 5.0.92022-10-20
CVE-2021-34485 [MEDIUM] .NET Core Information Disclosure Vulnerability
.NET Core Information Disclosure Vulnerability
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0, .NET Core 3.1 and .NET Core 2.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
An information disclosure vulnerability exists in .NET 5.0, .NET Core 3.1 and .NET Core 2.1 when dumps created by the too
ghsaosv
1 / 2Next →