NuGet package
microsoft.netcore.app.runtime.win-x64
pkg:nuget/microsoft.netcore.app.runtime.win-x64
Vulnerabilities (31)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-32178 | Hig | 7.5 | >= 10.0.0, < 10.0.6 | 10.0.6 | Apr 14, 2026 | Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. | |
| CVE-2026-26127 | Hig | 7.5 | >= 9.0.0, < 9.0.14 | 9.0.14 | Mar 10, 2026 | Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | |
| CVE-2025-55248 | — | >= 9.0.0, < 9.0.10 | 9.0.10 | Oct 14, 2025 | Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. | ||
| CVE-2025-30399 | — | >= 9.0.0, < 9.0.6 | 9.0.6 | Jun 13, 2025 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. | ||
| CVE-2025-21172 | — | >= 9.0.0, < 9.0.1 | 9.0.1 | Jan 14, 2025 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2025-21176 | — | >= 9.0.0, < 9.0.1 | 9.0.1 | Jan 14, 2025 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2025-21171 | — | >= 9.0.0, < 9.0.1 | 9.0.1 | Jan 14, 2025 | .NET Remote Code Execution Vulnerability | ||
| CVE-2024-38167 | — | >= 8.0.0, < 8.0.8 | 8.0.8 | Aug 13, 2024 | .NET and Visual Studio Information Disclosure Vulnerability | ||
| CVE-2024-38095 | — | >= 8.0.0, < 8.0.7 | 8.0.7 | Jul 9, 2024 | .NET and Visual Studio Denial of Service Vulnerability | ||
| CVE-2024-30045 | — | >= 7.0.0, < 7.0.19 | 7.0.19 | May 14, 2024 | .NET and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2024-21392 | — | >= 8.0.0, < 8.0.3 | 8.0.3 | Mar 12, 2024 | .NET and Visual Studio Denial of Service Vulnerability | ||
| CVE-2023-36792 | — | >= 7.0.0, < 7.0.11 | 7.0.11 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36793 | — | >= 7.0.0, < 7.0.11 | 7.0.11 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36794 | — | >= 7.0.0, < 7.0.11 | 7.0.11 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-36796 | — | >= 7.0.0, < 7.0.11 | 7.0.11 | Sep 12, 2023 | Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-38178 | — | >= 7.0.0, < 7.0.10 | 7.0.10 | Aug 8, 2023 | .NET Core and Visual Studio Denial of Service Vulnerability | ||
| CVE-2023-29331 | — | >= 6.0.0, < 6.0.18 | 6.0.18 | Jun 14, 2023 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | ||
| CVE-2023-24936 | — | >= 7.0.0, < 7.0.7 | 7.0.7 | Jun 14, 2023 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | ||
| CVE-2023-24897 | — | >= 7.0.0, < 7.0.7 | 7.0.7 | Jun 14, 2023 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | ||
| CVE-2023-33128 | — | >= 7.0.0, < 7.0.7 | 7.0.7 | Jun 13, 2023 | .NET and Visual Studio Remote Code Execution Vulnerability |
- affected >= 10.0.0, < 10.0.6fixed 10.0.6
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
- affected >= 9.0.0, < 9.0.14fixed 9.0.14
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
- CVE-2025-55248Oct 14, 2025affected >= 9.0.0, < 9.0.10fixed 9.0.10
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
- CVE-2025-30399Jun 13, 2025affected >= 9.0.0, < 9.0.6fixed 9.0.6
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
- CVE-2025-21172Jan 14, 2025affected >= 9.0.0, < 9.0.1fixed 9.0.1
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2025-21176Jan 14, 2025affected >= 9.0.0, < 9.0.1fixed 9.0.1
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
- CVE-2025-21171Jan 14, 2025affected >= 9.0.0, < 9.0.1fixed 9.0.1
.NET Remote Code Execution Vulnerability
- CVE-2024-38167Aug 13, 2024affected >= 8.0.0, < 8.0.8fixed 8.0.8
.NET and Visual Studio Information Disclosure Vulnerability
- CVE-2024-38095Jul 9, 2024affected >= 8.0.0, < 8.0.7fixed 8.0.7
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2024-30045May 14, 2024affected >= 7.0.0, < 7.0.19fixed 7.0.19
.NET and Visual Studio Remote Code Execution Vulnerability
- CVE-2024-21392Mar 12, 2024affected >= 8.0.0, < 8.0.3fixed 8.0.3
.NET and Visual Studio Denial of Service Vulnerability
- CVE-2023-36792Sep 12, 2023affected >= 7.0.0, < 7.0.11fixed 7.0.11
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36793Sep 12, 2023affected >= 7.0.0, < 7.0.11fixed 7.0.11
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36794Sep 12, 2023affected >= 7.0.0, < 7.0.11fixed 7.0.11
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-36796Sep 12, 2023affected >= 7.0.0, < 7.0.11fixed 7.0.11
Visual Studio Remote Code Execution Vulnerability
- CVE-2023-38178Aug 8, 2023affected >= 7.0.0, < 7.0.10fixed 7.0.10
.NET Core and Visual Studio Denial of Service Vulnerability
- CVE-2023-29331Jun 14, 2023affected >= 6.0.0, < 6.0.18fixed 6.0.18
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
- CVE-2023-24936Jun 14, 2023affected >= 7.0.0, < 7.0.7fixed 7.0.7
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
- CVE-2023-24897Jun 14, 2023affected >= 7.0.0, < 7.0.7fixed 7.0.7
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
- CVE-2023-33128Jun 13, 2023affected >= 7.0.0, < 7.0.7fixed 7.0.7
.NET and Visual Studio Remote Code Execution Vulnerability
Page 1 of 2