Note:
This project will be discontinued after December 13, 2021. [more]
Product:
\.net_framework
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 174 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-05-10 | CVE-2011-1271 | The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary code, in opportunistic circumstances by leveraging a crafted application, as demonstrated by (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET... | \.net_framework | N/A | ||
| 2024-01-09 | CVE-2024-21312 | .NET Framework Denial of Service Vulnerability | \.net_framework | 7.5 | ||
| 2024-01-09 | CVE-2024-0057 | NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | \.net, \.net_framework, Powershell, Visual_studio_2022 | 9.8 | ||
| 2024-07-09 | CVE-2024-38081 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | \.net, \.net_framework, Visual_studio_2022 | 7.3 | ||
| 2017-09-13 | CVE-2017-8759 | Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." | \.net_framework | 7.8 | ||
| 2015-05-13 | CVE-2015-1671 | The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability." | \.net_framework, Live_meeting, Lync, Silverlight | 7.8 | ||
| 2023-02-14 | CVE-2023-21722 | .NET Framework Denial of Service Vulnerability | \.net_framework | 5.0 | ||
| 2023-02-14 | CVE-2023-21808 | .NET and Visual Studio Remote Code Execution Vulnerability | \.net, \.net_framework, Visual_studio_2017, Visual_studio_2019, Visual_studio_2022 | 7.8 | ||
| 2023-06-14 | CVE-2023-24897 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | \.net, \.net_framework, Visual_studio, Visual_studio_2017, Visual_studio_2019, Visual_studio_2022 | 7.8 | ||
| 2023-06-14 | CVE-2023-29331 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | \.net, \.net_framework | 7.5 |