Microsoft .net framework
This hub aggregates every CVE we track for Microsoft .net framework, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
2
Critical
10
High
1
In CISA KEV
Severity distribution
HIGH10MEDIUM2CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 14 most recently published vulnerabilities affecting Microsoft .net framework.
- CVE-2019-0864A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.5.5
- CVE-2019-0820A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is uniqu...7.5
- CVE-2019-0545An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure...7.5
- CVE-2018-8540A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NE...9.8
- CVE-2018-8517A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6...7.5
- CVE-2018-8421A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework...9.8
- CVE-2018-8360An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosur...7.5
- CVE-2018-8356A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affe...5.5
- CVE-2018-8260A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .N...8.8
- CVE-2018-8284A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NE...8.1
- CVE-2018-8202An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affe...7.8
- CVE-2018-1039A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This ...7.8
- CVE-2017-8759Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execut...KEV7.8
- CVE-2017-0248Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specifi...7.5
Product normalization is registry-driven with AI assist and human review. How it works