Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
.net_framework vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-3842
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a query s...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.1
Microsoft .net Framework 1.0
9.3
CVSSv2
CVE-2007-0041
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote malicious users to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a b...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
9.3
CVSSv2
CVE-2007-0043
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote malicious users to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a b...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
4.3
CVSSv2
CVE-2008-3843
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a query stri...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
4.3
CVSSv2
CVE-2011-1978
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote malicious users to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (...
Microsoft .net Framework 4.0
Microsoft .net Framework 3.5.1
Microsoft .net Framework 2.0
7.8
CVSSv2
CVE-2007-0042
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote malicious users to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrai...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
1 EDB exploit
9.3
CVSSv2
CVE-2012-1855
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Fra...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
4.3
CVSSv2
CVE-2019-0657
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
Microsoft .net Core 1.0
Microsoft .net Core 2.1
Microsoft .net Core 2.2
Microsoft Visual Studio 2017 -
Microsoft Visual Studio 2017 15.9
Microsoft Powershell Core 6.1
Microsoft Powershell Core 6.0
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
1 Article
6.8
CVSSv2
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Microsoft .net Core 2.1
Microsoft .net Core 3.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
1 Article
9.3
CVSSv2
CVE-2018-8284
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft Project Server 2013
Microsoft Project Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Server 2013
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »