Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1673
The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote malicious users to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privile...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2014-4149
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote malicious users to execute arbitrary code via crafted data to a .NET Remoting endpoint, aka "TypeFilterLevel Vulnerability.&q...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
4 Github repositories
7.8
CVSSv3
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an malicious user to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.7
1 EDB exploit
24 Github repositories
13 Articles
NA
CVE-2015-6096
The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka &...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.6
NA
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.5
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 2.2.1
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.2
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2
1 EDB exploit
NA
CVE-2014-0253
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote malicious users to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persistent resource consumptio...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 1.1
NA
CVE-2015-1672
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote malicious users to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability.&...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
NA
CVE-2014-1806
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote malicious users to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel ...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 1.1
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
1 EDB exploit
4 Github repositories
NA
CVE-2012-0161
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote malicious users to execute arbitrary code via (1) a crafted...
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 1.0
NA
CVE-2015-1670
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote malicious users to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnera...
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »