Microsoft Net vulnerabilities

61 known vulnerabilities affecting microsoft/net.

Total CVEs

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL3HIGH45MEDIUM13

Vulnerabilities

Page 2 of 4

CVE-2024-35264HIGHCVSS 8.1≥ 8.0.0, < 8.0.72024-07-09

CVE-2024-35264 [HIGH] CWE-416 CVE-2024-35264: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2024-30045MEDIUMCVSS 6.3≥ 7.0.0, < 7.0.19≥ 8.0.0, < 8.0.52024-05-14

CVE-2024-30045 [MEDIUM] CWE-122 CVE-2024-30045: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2024-21409HIGHCVSS 7.3≥ 6.0.0, < 6.0.29≥ 7.0.0, < 7.0.18+1 more2024-04-09

CVE-2024-21409 [HIGH] CWE-416 CVE-2024-21409: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2024-21392HIGHCVSS 7.5≥ 7.0.0, < 7.0.17≥ 8.0.0, < 8.0.32024-03-12

CVE-2024-21392 [HIGH] CWE-400 CVE-2024-21392: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

nvd

CVE-2024-0057CRITICALCVSS 9.8≥ 6.0.0, < 6.0.26≥ 7.0.0, < 7.0.15+1 more2024-01-09

CVE-2024-0057 [CRITICAL] CWE-20 CVE-2024-0057: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

nvd

CVE-2024-0056HIGHCVSS 8.7≥ 6.0.0, < 6.0.26≥ 7.0.0, < 7.0.15+1 more2024-01-09

CVE-2024-0056 [HIGH] CWE-319 CVE-2024-0056: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnera Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

nvd

CVE-2024-21319MEDIUMCVSS 6.8≥ 6.0.0, < 6.0.26≥ 7.0.0, < 7.0.15+1 more2024-01-09

CVE-2024-21319 [MEDIUM] CWE-20 CVE-2024-21319: Microsoft Identity Denial of service vulnerability Microsoft Identity Denial of service vulnerability

nvd

CVE-2023-36049CRITICALCVSS 9.8≥ 6.0.0, < 6.0.25≥ 7.0.0, < 7.0.14+1 more2023-11-14

CVE-2023-36049 [CRITICAL] CWE-20 CVE-2023-36049: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-36558MEDIUMCVSS 5.5≥ 6.0.0, < 6.0.25≥ 7.0.0, < 7.0.14+1 more2023-11-14

CVE-2023-36558 [MEDIUM] CVE-2023-36558: ASP.NET Core Security Feature Bypass Vulnerability ASP.NET Core Security Feature Bypass Vulnerability

nvd

CVE-2023-44487HIGHCVSS 7.5KEVPoC≥ 6.0.0, < 6.0.23≥ 7.0.0, < 7.0.122023-10-10

CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

nvd

CVE-2023-36799MEDIUMCVSS 6.5v6.0.0v7.0.02023-09-12

CVE-2023-36799 [MEDIUM] CWE-400 CVE-2023-36799: .NET Core and Visual Studio Denial of Service Vulnerability .NET Core and Visual Studio Denial of Service Vulnerability

nvd

CVE-2023-35391HIGHCVSS 7.5≥ 6.0.0, < 6.0.21≥ 7.0.0, < 7.0.102023-08-08

CVE-2023-35391 [HIGH] CVE-2023-35391: ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability

nvd

CVE-2023-38178HIGHCVSS 7.5v6.0.02023-08-08

CVE-2023-38178 [HIGH] CWE-400 CVE-2023-38178: .NET Core and Visual Studio Denial of Service Vulnerability .NET Core and Visual Studio Denial of Service Vulnerability

nvd

CVE-2023-38180HIGHCVSS 7.5KEV≥ 6.0.0, < 6.0.21≥ 7.0.0, < 7.0.102023-08-08

CVE-2023-38180 [HIGH] CWE-400 CVE-2023-38180: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

nvd

CVE-2023-35390HIGHCVSS 7.8≥ 6.0.0, < 6.0.21≥ 7.0.0, < 7.0.102023-08-08

CVE-2023-35390 [HIGH] CWE-77 CVE-2023-35390: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2023-33170HIGHCVSS 8.1≥ 6.0.0, < 6.0.20≥ 7.0.0, < 7.0.92023-07-11

CVE-2023-33170 [HIGH] CWE-362 CVE-2023-33170: ASP.NET and Visual Studio Security Feature Bypass Vulnerability ASP.NET and Visual Studio Security Feature Bypass Vulnerability

nvd

CVE-2023-33127HIGHCVSS 8.1≥ 6.0.0, < 6.0.20≥ 7.0.0, < 7.0.92023-07-11

CVE-2023-33127 [HIGH] CWE-1220 CVE-2023-33127: .NET and Visual Studio Elevation of Privilege Vulnerability .NET and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-33128HIGHCVSS 7.3≥ 6.0.0, < 6.0.18≥ 7.0.0, < 7.0.72023-06-14

CVE-2023-33128 [HIGH] CWE-416 CVE-2023-33128: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2023-24936HIGHCVSS 7.5v6.0.0v7.0.02023-06-14

CVE-2023-24936 [HIGH] CVE-2023-24936: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-33126HIGHCVSS 7.3≥ 6.0.0, < 6.0.18≥ 7.0.0, < 7.0.72023-06-14

CVE-2023-33126 [HIGH] CVE-2023-33126: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

nvd

← Previous2 / 4Next →