Note:
This project will be discontinued after December 13, 2021. [more]
Product:
\.net_framework
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 177 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-04-12 | CVE-2017-0160 | Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability." | \.net_framework | 7.8 | ||
| 2019-09-11 | CVE-2019-1142 | An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'. | \.net_framework | N/A | ||
| 2019-07-15 | CVE-2019-1113 | A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | \.net_framework, Visual_studio_2017 | 8.8 | ||
| 2019-07-15 | CVE-2019-1006 | An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. | \.net_framework, Identitymodel, Sharepoint_enterprise_server, Sharepoint_foundation, Sharepoint_server, Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019 | 7.5 | ||
| 2019-07-15 | CVE-2019-1083 | A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. | \.net_framework | 7.5 | ||
| 2019-05-16 | CVE-2019-0981 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980. | \.net_core, \.net_framework | 7.5 | ||
| 2019-05-16 | CVE-2019-0980 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981. | \.net_core, \.net_framework | 7.5 | ||
| 2019-05-16 | CVE-2019-0864 | A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'. | \.net_framework | 5.5 | ||
| 2015-08-15 | CVE-2015-2460 | ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability." | \.net_framework | N/A | ||
| 2015-12-09 | CVE-2015-6108 | The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6; Skype for Business 2016; Lync 2010; Lync 2013 SP1; Live Meeting 2007 Console; and Silverlight 5 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Graphics... | \.net_framework, Live_meeting, Lync, Office, Silverlight, Skype_for_business, Windows_7, Windows_8, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista, Word_viewer | N/A |