Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
.net framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-2481
The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote malicious users to execute arbitrary code via a crafted .NET application, aka "RyuJIT Optimization Elevation of Privilege Vulnerability," a...
Microsoft .net Framework 4.6
NA
CVE-2002-0409
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote malicious users to view the orders of other users by modifying the OrderID parameter.
Microsoft .net Framework 1.0
NA
CVE-2006-7192
Microsoft ASP .NET Framework 2.0.50727.42 does not properly handle comment (/* */) enclosures, which allows remote malicious users to bypass request filtering and conduct cross-site scripting (XSS) attacks, or cause a denial of service, as demonstrated via an xss:expression STYLE...
Microsoft .net Framework 2.0
NA
CVE-2006-1300
Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote malicious users to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name.&q...
Microsoft .net Framework 2.0
NA
CVE-2012-0162
Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Buffer Allocation Vulnerability...
Microsoft .net Framework 4.0
NA
CVE-2012-0164
Microsoft .NET Framework 4 does not properly compare index values, which allows remote malicious users to cause a denial of service (application hang) via crafted requests to a Windows Presentation Foundation (WPF) application, aka ".NET Framework Index Comparison Vulnerabil...
Microsoft .net Framework 4.0
NA
CVE-2002-0369
Buffer overflow in ASP.NET Worker Process allows remote malicious users to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode.
Microsoft .net Framework 1.0
NA
CVE-2013-1337
Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation (WCF) endpoint authentication in certain situations involving passwords over HTTPS, which allows remote malicious users to bypass authentication by sending querie...
Microsoft .net Framework 4.5
NA
CVE-2009-1536
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote malicious users to cause a denial of service (daemon outage) via a series of crafted HTTP...
Microsoft .net Framework 3.5
Microsoft Windows Vista -
Microsoft .net Framework 2.0
Microsoft Windows Server 2008 -
Microsoft Windows Vista
6.5
CVSSv3
CVE-2019-11397
GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter.
Rapidflows Rapid4 4.5m.23
Microsoft .net Framework 4.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »