Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
framework vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-0160
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
1 EDB exploit
NA
CVE-2015-1673
The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote malicious users to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privile...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
7.8
CVSSv3
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an malicious user to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.7
1 EDB exploit
24 Github repositories
13 Articles
NA
CVE-2014-4149
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote malicious users to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability.&q...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
4 Github repositories
NA
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.5
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 2.2.1
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.2
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2
1 EDB exploit
NA
CVE-2014-4073
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote malicious users to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of ...
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
NA
CVE-2013-3132
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
NA
CVE-2014-1806
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote malicious users to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel ...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 1.1
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
1 EDB exploit
4 Github repositories
NA
CVE-2014-4121
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted request to a .NET we...
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
9.8
CVSSv3
CVE-2016-0132
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation for unspecified elements of XML documents, which allows remote malicious users to spoof signatures via a modified document, aka ".NET XML Validation Security Feature ...
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5.1
Microsoft .net Framework 3.5
Microsoft .net Framework 3.0
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »