VYPR

Net

by Microsoft

Source repositories

CVEs (30)

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2026-45490HigJun 9, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper authorization in .NET allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26131HigMar 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.

  • CVE-2026-26127HigMar 10, 2026
    risk 0.49cvss 7.5epss 0.02

    Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.

  • CVE-2022-29145HigMay 10, 2022
    risk 0.49cvss 7.5epss 0.05

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-29117HigMay 10, 2022
    risk 0.49cvss 7.5epss 0.05

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2022-24464HigMar 9, 2022
    risk 0.49cvss 7.5epss 0.03

    .NET and Visual Studio Denial of Service Vulnerability

  • CVE-2026-35433HigMay 12, 2026
    risk 0.47cvss 7.3epss 0.01

    Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.

  • CVE-2026-33116HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.01

    Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32203HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.01

    Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32178HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.01

    Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-26171HigApr 14, 2026
    risk 0.42cvss 7.5epss 0.01

    Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.

  • CVE-2026-25667HigMar 19, 2026
    risk 0.42cvss 7.5epss 0.03

    ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing.

  • CVE-2022-38013HigSep 13, 2022
    risk 0.42cvss 7.5epss 0.03

    .NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2026-45491MedJun 9, 2026
    risk 0.40cvss 6.2epss 0.00

    Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.

  • CVE-2022-24512MedMar 9, 2022
    risk 0.34cvss 6.3epss 0.02

    .NET and Visual Studio Remote Code Execution Vulnerability

  • CVE-2021-24111Feb 25, 2021
    risk 0.02cvss epss 0.04

    .NET Framework Denial of Service Vulnerability

  • CVE-2021-31957Jun 8, 2021
    risk 0.01cvss epss 0.05

    ASP.NET Core Denial of Service Vulnerability

  • CVE-2021-1721Feb 25, 2021
    risk 0.01cvss epss 0.03

    .NET Core and Visual Studio Denial of Service Vulnerability

  • CVE-2020-16937Oct 16, 2020
    risk 0.01cvss epss 0.03

    An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory. To exploit the vulnerability, an authenticated…

Page 1 of 2