Product:

\.net_framework

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 177
Date Id Summary Products Score Patch Annotated
2024-01-09 CVE-2024-21312 .NET Framework Denial of Service Vulnerability \.net_framework N/A
2024-07-09 CVE-2024-38081 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability \.net, \.net_framework, Visual_studio_2022 N/A
2009-10-14 CVE-2009-2502 Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007... \.net_framework, Excel_viewer, Expression_web, Forefront_client_security, Internet_explorer, Office, Office_compatibility_pack, Office_excel_viewer, Office_groove, Office_powerpoint_viewer, Office_word_viewer, Platform_sdk, Project, Report_viewer, Sql_server, Sql_server_reporting_services, Visio, Visual_foxpro, Visual_studio, Visual_studio_\.net, Windows_2003_server, Windows_server_2008, Windows_vista, Windows_xp, Word_viewer, Works N/A
2024-10-08 CVE-2024-43483 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability \.net, \.net_framework, Visual_studio_2022 7.5
2024-10-08 CVE-2024-43484 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability \.net, \.net_framework, Visual_studio_2022 7.5
2011-05-10 CVE-2011-1271 The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary code, in opportunistic circumstances by leveraging a crafted application, as demonstrated by (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET... \.net_framework N/A
2019-05-14 CVE-2019-11397 GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter. \.net_framework, Rapid4 6.5
2009-10-14 CVE-2009-0090 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability." \.net_framework, Windows_2000, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp N/A
2009-10-14 CVE-2009-0091 Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability." \.net_framework, Windows_2000, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp N/A
2009-10-14 CVE-2009-2497 The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability." \.net_framework, Windows_2000, Windows_7, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp N/A