Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft .net vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1670
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote malicious users to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType Font Parsing Vulnera...
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
1 Article
NA
CVE-2015-1672
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allows remote malicious users to cause a denial of service (recursion and performance degradation) via crafted encrypted data in an XML document, aka ".NET XML Decryption Denial of Service Vulnerability.&...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
7.5
CVSSv3
CVE-2016-3255
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote malicious users to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET ...
Microsoft .net Framework 3.5
Microsoft .net Framework 2.0
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5.1
7.5
CVSSv3
CVE-2016-0033
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote malicious users to cause a denial of service (performance degradation) via crafted XSLT data, aka ".NET Framework Stack Overflow...
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5.1
Microsoft .net Framework 3.5
Microsoft .net Framework 2.0
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
7.5
CVSSv3
CVE-2016-0047
WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote malicious users to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability."
Microsoft .net Framework 3.5.1
Microsoft .net Framework 3.5
Microsoft .net Framework 2.0
Microsoft .net Framework 4.6
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6.1
NA
CVE-2013-3861
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote malicious users to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability."
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2013-1336
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote malicious users to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka &...
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
NA
CVE-2015-6099
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
NA
CVE-2013-3133
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework applica...
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
NA
CVE-2013-3171
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2)...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »