Microsoft Net Framework 3 5 And 4 8
Monthly
Denial of service in Microsoft .NET Framework 3.5 through 4.8.1 allows unauthenticated remote attackers to crash applications via race condition exploitation over a network. The vulnerability stems from improper synchronization when multiple threads access shared resources concurrently (CWE-755). Affected versions span .NET Framework 3.5, 4.6.2, 4.7.x, 4.8, and 4.8.1 across multiple component combinations. Microsoft has released patches addressing the flaw. No public exploit code or active explo
Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to exhaust server resources via specially crafted network requests. The vulnerability (CWE-835) stems from unreachable loop exit conditions in core .NET processing logic, enabling complete service disruption with low attack complexity. Vendor-released patches are available across all affected product lines. No public exploit identified at
Denial of service in Microsoft .NET Framework 3.5 and 4.7.2-4.8.1 via race condition in shared resource synchronization allows unauthenticated remote attackers to crash affected applications with high complexity attack requirements. Microsoft has released patches addressing improper concurrent access handling across multiple .NET Framework versions.
Denial of service in Microsoft .NET Framework 3.5 through 4.8.1 allows unauthenticated remote attackers to crash applications via race condition exploitation over a network. The vulnerability stems from improper synchronization when multiple threads access shared resources concurrently (CWE-755). Affected versions span .NET Framework 3.5, 4.6.2, 4.7.x, 4.8, and 4.8.1 across multiple component combinations. Microsoft has released patches addressing the flaw. No public exploit code or active explo
Infinite loop denial-of-service vulnerability in Microsoft .NET Framework (3.5 through 4.8.1), .NET 8.0, 9.0, and 10.0 allows unauthenticated remote attackers to exhaust server resources via specially crafted network requests. The vulnerability (CWE-835) stems from unreachable loop exit conditions in core .NET processing logic, enabling complete service disruption with low attack complexity. Vendor-released patches are available across all affected product lines. No public exploit identified at
Denial of service in Microsoft .NET Framework 3.5 and 4.7.2-4.8.1 via race condition in shared resource synchronization allows unauthenticated remote attackers to crash affected applications with high complexity attack requirements. Microsoft has released patches addressing improper concurrent access handling across multiple .NET Framework versions.