Microsoft .NET Framework
by Microsoft
CVEs (51)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-41064 | 0.00 | — | 0.00 | Nov 9, 2022 | .NET Framework Information Disclosure Vulnerability | |||
| CVE-2022-26929 | 0.00 | — | 0.05 | Sep 13, 2022 | .NET Framework Remote Code Execution Vulnerability | |||
| CVE-2022-30130 | 0.00 | — | 0.04 | May 10, 2022 | .NET Framework Denial of Service Vulnerability | |||
| CVE-2020-1108 | 0.00 | — | 0.04 | May 21, 2020 | A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. | |||
| CVE-2019-1142 | 0.00 | — | 0.00 | Sep 11, 2019 | An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'. | |||
| CVE-2019-1006 | 0.00 | — | 0.03 | Jul 15, 2019 | An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. | |||
| CVE-2019-0981 | 0.00 | — | 0.06 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980. | |||
| CVE-2019-0980 | 0.00 | — | 0.06 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981. | |||
| CVE-2019-0820 | 0.00 | — | 0.05 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981. | |||
| CVE-2019-0864 | 0.00 | — | 0.00 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'. | |||
| CVE-2018-1039 | 0.00 | — | 0.01 | May 9, 2018 | A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6, Microsoft… |
- CVE-2022-41064Nov 9, 2022risk 0.00cvss —epss 0.00
.NET Framework Information Disclosure Vulnerability
- CVE-2022-26929Sep 13, 2022risk 0.00cvss —epss 0.05
.NET Framework Remote Code Execution Vulnerability
- CVE-2022-30130May 10, 2022risk 0.00cvss —epss 0.04
.NET Framework Denial of Service Vulnerability
- CVE-2020-1108May 21, 2020risk 0.00cvss —epss 0.04
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
- CVE-2019-1142Sep 11, 2019risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'.
- CVE-2019-1006Jul 15, 2019risk 0.00cvss —epss 0.03
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
- CVE-2019-0981May 16, 2019risk 0.00cvss —epss 0.06
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
- CVE-2019-0980May 16, 2019risk 0.00cvss —epss 0.06
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.
- CVE-2019-0820May 16, 2019risk 0.00cvss —epss 0.05
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
- CVE-2019-0864May 16, 2019risk 0.00cvss —epss 0.00
A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.
- CVE-2018-1039May 9, 2018risk 0.00cvss —epss 0.01
A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6, Microsoft…
Page 3 of 3