Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
.net_framework vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2008-3842
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a query s...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.1
Microsoft .net Framework 1.0
828
VMScore
CVE-2007-0041
The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote malicious users to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a b...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
828
VMScore
CVE-2007-0043
The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote malicious users to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a b...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
383
VMScore
CVE-2008-3843
Request Validation (aka the ValidateRequest filters) in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by a query stri...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
383
VMScore
CVE-2011-1978
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote malicious users to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (...
Microsoft .net Framework 4.0
Microsoft .net Framework 3.5.1
Microsoft .net Framework 2.0
785
VMScore
CVE-2007-0042
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote malicious users to access configuration files and obtain sensitive information, and possibly bypass security mechanisms that try to constrai...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
1 EDB exploit
828
VMScore
CVE-2012-1855
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Fra...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
383
VMScore
CVE-2019-0657
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
Microsoft .net Core 1.0
Microsoft .net Core 2.1
Microsoft .net Core 2.2
Microsoft Visual Studio 2017 -
Microsoft Visual Studio 2017 15.9
Microsoft Powershell Core 6.1
Microsoft Powershell Core 6.0
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
1 Article
605
VMScore
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Microsoft .net Core 2.1
Microsoft .net Core 3.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
1 Article
828
VMScore
CVE-2018-8284
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft Project Server 2013
Microsoft Project Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Server 2013
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »