Vulnerabilities > Microsoft > NET Framework

DATE CVE VULNERABILITY TITLE RISK
2019-05-16 CVE-2019-0981 Data Processing Errors vulnerability in Microsoft .Net Core and .Net Framework
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'.
network
low complexity
microsoft CWE-19
5.0
2019-05-16 CVE-2019-0980 Data Processing Errors vulnerability in Microsoft .Net Core and .Net Framework
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'.
network
low complexity
microsoft CWE-19
5.0
2019-05-16 CVE-2019-0864 Unspecified vulnerability in Microsoft .Net Framework
A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.
local
low complexity
microsoft
2.1
2019-05-16 CVE-2019-0820 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'.
network
low complexity
microsoft redhat CWE-400
7.5
2019-05-14 CVE-2019-11397 Path Traversal vulnerability in multiple products
GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter.
network
low complexity
rapidflows microsoft CWE-22
6.5
2019-03-05 CVE-2019-0657 Improper Input Validation vulnerability in Microsoft products
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
network
microsoft CWE-20
4.3
2019-03-05 CVE-2019-0613 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft .Net Framework and Visual Studio 2017
A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'.
network
microsoft CWE-119
critical
9.3
2019-01-08 CVE-2019-0545 Information Exposure vulnerability in Microsoft .Net Core and .Net Framework
An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2.
network
low complexity
microsoft CWE-200
5.0
2018-12-12 CVE-2018-8540 Code Injection vulnerability in Microsoft .Net Framework
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2.
network
low complexity
microsoft CWE-94
critical
10.0
2018-12-12 CVE-2018-8517 Unspecified vulnerability in Microsoft .Net Framework
A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
network
low complexity
microsoft
5.0