Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
.net framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote malicious users to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entit...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5
Microsoft .net Framework 4.0
Microsoft .net Framework 2.0
NA
CVE-2014-4062
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote malicious users to obtain sensitive address information via a crafted web site, aka ".NET ASLR Vulnerability."
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 1.1
Microsoft .net Framework 3.0
Microsoft .net Framework 2.0
NA
CVE-2015-6099
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
NA
CVE-2015-2526
Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability."
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
NA
CVE-2015-6115
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote malicious users to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass."
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2014-4122
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote malicious users to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location, aka ".NET ASL...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2015-1671
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 prior to 5.1.40416.00; and...
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft Lync 2010
Microsoft Lync 2013
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft Office 2007
Microsoft Live Meeting 2007
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 3.0
Microsoft Office 2010
Microsoft Silverlight
2 Articles
NA
CVE-2010-2085
The default configuration of ASP.NET in Microsoft .NET prior to 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter.
Microsoft .net Framework 1.0
Microsoft .net Framework
NA
CVE-2013-3131
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 prior to 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote malicious users to execute arbitrary code via (1) a crafted .NET Framework app...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft Silverlight 5.0.60818.0
Microsoft Silverlight 5.1.10411.0
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft Silverlight 5.1.20125.0
Microsoft .net Framework 4.5
Microsoft Silverlight 5.0.60401.0
Microsoft Silverlight 5.0.61118.0
NA
CVE-2006-1510
Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted malicious users to execute arbitrary code via a crafted .dll file with a large static method...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »