Microsoft Microsoft.Netcore.App.Runtime.Win-Arm64 vulnerabilities
33 known vulnerabilities affecting microsoft/microsoft.netcore.app.runtime.win-arm64.
Total CVEs
33
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH25MEDIUM8
Vulnerabilities
Page 1 of 2
CVE-2026-32178HIGHCVSS 7.5≥ 10.0.0, < 10.0.6≥ 9.0.0, < 9.0.15+1 more2026-04-14
CVE-2026-32178 [HIGH] CWE-138 Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability
Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability
## Executive Summary:
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in System.Net.Mail where
ghsa
CVE-2026-26127HIGHCVSS 7.5≥ 9.0.0, < 9.0.14≥ 10.0.0, < 10.0.42026-03-11
CVE-2026-26127 [HIGH] CWE-125 .NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2026-26127 – .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial of service vulnerability exists in .NE
ghsaosv
CVE-2025-55248MEDIUMCVSS 5.7≥ 9.0.0, < 9.0.10≥ 8.0.0, < 8.0.212025-10-15
CVE-2025-55248 [MEDIUM] CWE-326 Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability
Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability
# Microsoft Security Advisory CVE-2025-55248 | .NET Information Disclosure Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to
ghsaosv
CVE-2025-36853HIGHCVSS 7.5≥ >=6.0.0, ≤ 6.0.362025-09-08
CVE-2025-36853 [HIGH] CWE-190 EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
A vulnerability (CVE-2025-21172) exists in msdia140.dll due to integer overflow and heap-based overflow.
Per CWE-122: Heap-based Buffer Overflow, a heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as mal
cvelistv5
CVE-2025-30399HIGHCVSS 7.5≥ 9.0.0, < 9.0.6≥ 8.0.0, < 8.0.172025-06-11
CVE-2025-30399 [HIGH] CWE-426 Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability
Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability
# Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remo
ghsaosv
CVE-2025-21176HIGHCVSS 8.8≥ 9.0.0, < 9.0.1≥ 8.0.0, < 8.0.122025-01-14
CVE-2025-21176 [HIGH] CWE-126 Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory a
ghsaosv
CVE-2025-21172HIGHCVSS 7.5≥ >=6.0.0, ≤ 6.0.362025-01-14
CVE-2025-21172 [HIGH] CWE-122 CVE-2025-21172: .NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
ghsanvdosv
CVE-2025-21171HIGHCVSS 7.5≥ 9.0.0, < 9.0.12025-01-14
CVE-2025-21171 [HIGH] CWE-122 Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their app
ghsaosv
CVE-2024-38167MEDIUMCVSS 6.5≥ 8.0.0, < 8.0.82024-08-13
CVE-2024-38167 [MEDIUM] CWE-319 Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
# Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update thei
ghsaosv
CVE-2024-38095HIGHCVSS 7.5≥ 8.0.0, < 8.0.7≥ 6.0.0, < 6.0.322024-07-09
CVE-2024-38095 [HIGH] CWE-20 Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their app
ghsaosv
CVE-2024-30045MEDIUMCVSS 6.3≥ 7.0.0, < 7.0.19≥ 8.0.0, < 8.0.52024-05-14
CVE-2024-30045 [MEDIUM] CWE-122 Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
# Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their appli
ghsaosv
CVE-2024-21392HIGHCVSS 7.5≥ 7.0.0-preview.1.22076.8, < 7.0.17≥ 8.0.0, < 8.0.32024-03-12
CVE-2024-21392 [HIGH] CWE-400 Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0 . This advisory also provides guidance on what developers can do to update their appl
ghsaosv
CVE-2023-36792HIGHCVSS 7.8≥ 7.0.0, < 7.0.11≥ 6.0.0, < 6.0.222023-09-12
CVE-2023-36792 [HIGH] Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their a
ghsaosv
CVE-2023-36793HIGHCVSS 7.8≥ 7.0.0, < 7.0.11≥ 6.0.0, < 6.0.222023-09-12
CVE-2023-36793 [HIGH] Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their a
ghsaosv
CVE-2023-36796HIGHCVSS 7.8≥ 7.0.0, < 7.0.11≥ 6.0.0, < 6.0.222023-09-12
CVE-2023-36796 [HIGH] Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their a
ghsaosv
CVE-2023-36794HIGHCVSS 7.8≥ 7.0.0, < 7.0.11≥ 6.0.0, < 6.0.222023-09-12
CVE-2023-36794 [HIGH] Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their a
ghsaosv
CVE-2023-38178HIGHCVSS 7.5≥ 7.0.0, < 7.0.102023-08-09
CVE-2023-38178 [HIGH] CWE-400 .NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
# Microsoft Security Advisory CVE-2023-38178: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET Kestrel where a malicious clien
ghsaosv
CVE-2023-33126HIGHCVSS 7.3≥ 7.0.0, < 7.0.7≥ 6.0.0, < 6.0.182023-06-14
CVE-2023-33126 [HIGH] Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their a
ghsaosv
CVE-2023-33128HIGHCVSS 7.3≥ 7.0.0, < 7.0.72023-06-14
CVE-2023-33128 [HIGH] CWE-416 .NET Remote Code Execution Vulnerability
.NET Remote Code Execution Vulnerability
# Microsoft Security Advisory CVE-2023-33128: .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET source generator fo
ghsaosv
CVE-2023-24936HIGHCVSS 7.5≥ 7.0.0, < 7.0.7≥ 6.0.0, < 6.0.182023-06-14
CVE-2023-24936 [HIGH] .NET Elevation of Privilege Vulnerability
.NET Elevation of Privilege Vulnerability
# Microsoft Security Advisory CVE-2023-24936: .NET Elevation of Privilege Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A vulnerability exists in .NET when deseri
ghsaosv
1 / 2Next →