Vulnerabilities > Microsoft > NET Framework > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-15 | CVE-2019-1113 | Improper Input Validation vulnerability in Microsoft .Net Framework and Visual Studio 2017 A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | 8.8 |
| 2019-07-15 | CVE-2019-1083 | Data Processing Errors vulnerability in Microsoft .Net Framework A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. | 7.5 |
| 2019-07-15 | CVE-2019-1006 | Improper Certificate Validation vulnerability in Microsoft products An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. | 7.5 |
| 2019-05-16 | CVE-2019-0981 | Data Processing Errors vulnerability in Microsoft .Net Core and .Net Framework A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. | 7.5 |
| 2019-05-16 | CVE-2019-0980 | Data Processing Errors vulnerability in Microsoft .Net Core and .Net Framework A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. | 7.5 |
| 2019-05-16 | CVE-2019-0820 | Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. | 7.5 |
| 2019-03-05 | CVE-2019-0613 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft .Net Framework and Visual Studio 2017 A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'. | 8.8 |
| 2019-01-08 | CVE-2019-0545 | Information Exposure vulnerability in Microsoft .Net Core and .Net Framework An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7/4.7.1/4.7.2, .NET Core 2.1, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 2.2, Microsoft .NET Framework 4.7.2. | 7.5 |
| 2018-12-12 | CVE-2018-8517 | Unspecified vulnerability in Microsoft .Net Framework A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. | 7.5 |
| 2018-08-15 | CVE-2018-8360 | Information Exposure vulnerability in Microsoft .Net Framework An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2. | 7.5 |