Microsoft Net 6.0 vulnerabilities
50 known vulnerabilities affecting microsoft/net_6.0.
Total CVEs
50
CISA KEV
1
actively exploited
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH43MEDIUM5
Vulnerabilities
Page 1 of 3
CVE-2025-36853HIGHCVSS 7.5≥ 6.0.0, < 6.0.362025-09-08
CVE-2025-36853 [HIGH] CWE-190 EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
A vulnerability (CVE-2025-21172) exists in msdia140.dll due to integer overflow and heap-based overflow.
Per CWE-122: Heap-based Buffer Overflow, a heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as mal
cvelistv5
CVE-2025-36855HIGHCVSS 8.8≥ 6.0.0, < 6.0.362025-09-08
CVE-2025-36855 [HIGH] CWE-126 EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
EOL .NET 6.0 Runtime Remote Code Execution Vulnerability
A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due to buffer over-read.
Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the t
cvelistv5
CVE-2025-36854HIGHCVSS 8.1≥ 6.0.0, ≤ 6.0.362025-09-08
CVE-2025-36854 [HIGH] CWE-416 EOL ASP.NET 6.0 Remote Code Execution Vulnerability
EOL ASP.NET 6.0 Remote Code Execution Vulnerability
A vulnerability ( CVE-2024-38229 https://www.cve.org/CVERecord ) exists in EOL ASP.NET when closing an HTTP/3 stream while application code is writing to the response body, a race condition may lead to use-after-free, resulting in Remote Code Execution.
Per CWE-416: Use After Free https://cwe.mitre.org/data/definitions/416.html , Use After Free is when a product
cvelistv5
CVE-2025-21176HIGHCVSS 8.8≥ 6.0.0, < 6.0.362025-01-14
CVE-2025-21176 [HIGH] CWE-126 CVE-2025-21176: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
nvd
CVE-2025-21172HIGHCVSS 7.5≥ 6.0.0, < 6.0.362025-01-14
CVE-2025-21172 [HIGH] CWE-122 CVE-2025-21172: .NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
nvd
CVE-2024-43484HIGHCVSS 7.5≥ 6.0.0, < 6.0.352024-10-08
CVE-2024-43484 [HIGH] CWE-407 CVE-2024-43484: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
cvelistv5nvd
CVE-2024-43485HIGHCVSS 7.5≥ 6.0.0, < 6.0.352024-10-08
CVE-2024-43485 [HIGH] CWE-407 CVE-2024-43485: .NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
cvelistv5nvd
CVE-2024-43483HIGHCVSS 7.5≥ 6.0.0, < 6.0.352024-10-08
CVE-2024-43483 [HIGH] CWE-407 CVE-2024-43483: .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
cvelistv5nvd
CVE-2024-38229HIGHCVSS 8.1≥ 6.0.0, ≤ 6.0.362024-10-08
CVE-2024-38229 [HIGH] CWE-416 CVE-2024-38229: .NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
nvd
CVE-2024-38095HIGHCVSS 7.5≥ 6.0.0, < 6.0.322024-07-09
CVE-2024-38095 [HIGH] CWE-20 CVE-2024-38095: .NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
cvelistv5nvd
CVE-2024-38081HIGHCVSS 7.3≥ 6.0.0, < 6.0.322024-07-09
CVE-2024-38081 [HIGH] CWE-59 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
cvelistv5
CVE-2024-35264HIGHCVSS 8.1v-2024-07-09
CVE-2024-35264 [HIGH] CWE-416 CVE-2024-35264: .NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2024-21409HIGHCVSS 7.3≥ 6.0.0, < 6.0.292024-04-09
CVE-2024-21409 [HIGH] CWE-416 CVE-2024-21409: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2024-21404HIGHCVSS 7.5≥ 6.0.0, < 6.0.272024-02-13
CVE-2024-21404 [HIGH] CWE-476 .NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
cvelistv5
CVE-2024-0057CRITICALCVSS 9.8≥ 6.0.0, < 6.0.262024-01-09
CVE-2024-0057 [CRITICAL] CWE-20 CVE-2024-0057: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
cvelistv5nvd
CVE-2024-20672HIGHCVSS 7.5≥ 6.0.0, < 6.0.262024-01-09
CVE-2024-20672 [HIGH] CWE-400 .NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
cvelistv5
CVE-2024-0056HIGHCVSS 8.7≥ 6.0.0, < 6.0.262024-01-09
CVE-2024-0056 [HIGH] CWE-319 CVE-2024-0056: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnera
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
cvelistv5nvd
CVE-2024-21319MEDIUMCVSS 6.8≥ 6.0.0, < 6.0.262024-01-09
CVE-2024-21319 [MEDIUM] CWE-20 Microsoft Identity Denial of service vulnerability
Microsoft Identity Denial of service vulnerability
Microsoft Identity Denial of service vulnerability
cvelistv5
CVE-2023-36049CRITICALCVSS 9.8≥ 6.0.0, < 6.0.252023-11-14
CVE-2023-36049 [CRITICAL] CWE-20 CVE-2023-36049: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
cvelistv5nvd
CVE-2023-36558MEDIUMCVSS 5.5≥ 6.0.0, < 6.0.252023-11-14
CVE-2023-36558 [MEDIUM] CVE-2023-36558: ASP.NET Core Security Feature Bypass Vulnerability
ASP.NET Core Security Feature Bypass Vulnerability
cvelistv5nvd
1 / 3Next →