Microsoft .Net Framework vulnerabilities
10 known vulnerabilities affecting microsoft/microsoft_.net_framework.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH7MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-0545HIGHCVSS 7.5v2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+81 more2019-01-08
CVE-2019-0545 [HIGH] CWE-200 CVE-2019-0545: An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassin
An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Frame
cvelistv5nvd
CVE-2018-8540CRITICALCVSS 9.8v3.5 on Windows 10 for 32-bit Systemsv3.5 on Windows 10 for x64-based Systems+71 more2018-12-12
CVE-2018-8540 [CRITICAL] CWE-94 CVE-2018-8540: A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate inp
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Mi
cvelistv5nvd
CVE-2018-8517HIGHCVSS 7.5v3.5 on Windows 10 Version 1607 for 32-bit Systemsv3.5 on Windows 10 Version 1607 for x64-based Systems+68 more2018-12-12
CVE-2018-8517 [HIGH] CVE-2018-8517: A denial of service vulnerability exists when .NET Framework improperly handles special web requests
A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5
cvelistv5nvd
CVE-2018-8421CRITICALCVSS 9.8v2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+67 more2018-09-13
CVE-2018-8421 [CRITICAL] CWE-20 CVE-2018-8421: A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input
A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET
cvelistv5nvd
CVE-2018-8360HIGHCVSS 7.5v2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+67 more2018-08-15
CVE-2018-8360 [HIGH] CWE-200 CVE-2018-8360: An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attac
An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework
cvelistv5nvd
CVE-2018-8284HIGHCVSS 8.1v2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+69 more2018-07-11
CVE-2018-8284 [HIGH] CWE-94 CVE-2018-8284: A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate inp
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Mi
cvelistv5nvd
CVE-2018-8260HIGHCVSS 8.8v4.7.2 on Windows 10 Version 1607 for 32-bit Systemsv4.7.2 on Windows 10 Version 1607 for x64-based Systems+21 more2018-07-11
CVE-2018-8260 [HIGH] CWE-20 CVE-2018-8260: A Remote Code Execution vulnerability exists in .NET software when the software fails to check the s
A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.
cvelistv5nvd
CVE-2018-8202HIGHCVSS 7.8v2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+68 more2018-07-11
CVE-2018-8202 [HIGH] CVE-2018-8202: An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to el
An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framewo
cvelistv5nvd
CVE-2018-8356MEDIUMCVSS 5.5v3.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v3.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+61 more2018-07-11
CVE-2018-8356 [MEDIUM] CWE-295 CVE-2018-8356: A security feature bypass vulnerability exists when Microsoft .NET Framework components do not corre
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, AS
cvelistv5nvd
CVE-2018-1039HIGHCVSS 7.8v2.0 Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2v2.0 Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+66 more2018-05-09
CVE-2018-1039 [HIGH] CVE-2018-1039: A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to by
A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 3.0,
cvelistv5nvd