Skip to main content

Net Core

32 CVEs product

Monthly

CVE-2022-41032 NuGet HIGH PATCH This Week

NuGet Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-38013 NuGet HIGH PATCH This Week

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD VulDB
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-34716 NuGet MEDIUM PATCH This Month

.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Net Net Core Powershell
NVD
CVSS 3.1
5.9
EPSS
1.9%
CVE-2022-30184 NuGet MEDIUM PATCH This Month

.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Visual Studio 2022 Net Net Core Nuget +2
NVD
CVSS 3.1
5.5
EPSS
5.3%
CVE-2022-29145 NuGet HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD VulDB
CVSS 3.1
7.5
EPSS
4.8%
CVE-2022-29117 NuGet HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD VulDB
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-23267 NuGet HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core Powershell Visual Studio 2019 +2
NVD
CVSS 3.1
7.5
EPSS
5.0%
CVE-2022-24512 NuGet MEDIUM PATCH This Month

.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Net Net Core Powershell +3
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
CVE-2022-24464 NuGet HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD VulDB
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-34485 NuGet MEDIUM PATCH This Month

.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Information Disclosure Net Net Core Powershell Core Visual Studio 2017 +1
NVD
CVSS 3.1
5.0
EPSS
1.3%
CVE-2021-26423 NuGet HIGH PATCH This Week

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core Powershell Core Visual Studio 2017 +1
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-31957 MEDIUM PATCH This Month

ASP.NET Core Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Net Net Core Visual Studio 2019 Fedora
NVD
CVSS 3.1
5.9
EPSS
5.1%
CVE-2021-31204 HIGH PATCH This Week

.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Net Net Core Visual Studio 2019 Fedora
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2021-26701 NuGet HIGH PATCH This Week

.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Net Net Core Powershell Core Visual Studio 2019 +1
NVD
CVSS 3.1
8.1
EPSS
30.3%
CVE-2021-24112 NuGet HIGH PATCH This Week

.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Net Net Core Mono Visual Studio 2019
NVD
CVSS 3.1
8.1
EPSS
3.3%
CVE-2021-1721 NuGet MEDIUM PATCH This Month

.NET Core and Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core Powershell Core Visual Studio 2017 +1
NVD
CVSS 3.1
6.5
EPSS
3.3%
CVE-2020-8927 LIB MEDIUM PATCH This Month

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Brotli Debian Linux Fedora Ubuntu Linux +6
NVD GitHub
CVSS 3.1
6.5
EPSS
3.2%
CVE-2020-1147 NuGet HIGH POC KEV PATCH THREAT Act Now

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Microsoft Net Core Net Framework Sharepoint Enterprise Server +3
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
94.2%
CVE-2020-1108 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core Net Framework Visual Studio 2017 +3
NVD
CVSS 3.1
7.5
EPSS
11.7%
CVE-2020-0606 NuGet HIGH PATCH This Week

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Net Framework Net Core
NVD
CVSS 3.1
8.8
EPSS
17.3%
CVE-2020-0605 HIGH PATCH This Week

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Net Framework Net Core
NVD
CVSS 3.1
8.8
EPSS
17.8%
CVE-2019-1301 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Powershell Core
NVD
CVSS 3.1
7.5
EPSS
5.3%
CVE-2019-0981 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Net Framework
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2019-0980 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Net Framework
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2019-0820 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Core Net Framework Enterprise Linux Enterprise Linux Eus +2
NVD
CVSS 3.1
7.5
EPSS
5.7%
CVE-2019-0657 NuGet MEDIUM PATCH This Month

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Net Core Powershell Core Visual Studio 2017 Net Framework
NVD
CVSS 3.0
5.9
EPSS
4.5%
CVE-2019-0545 NuGet HIGH PATCH This Week

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Net Framework Net Core
NVD
CVSS 3.0
7.5
EPSS
9.6%
CVE-2018-8409 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Asp Net Core System Io Pipelines
NVD
CVSS 3.1
7.5
EPSS
6.6%
CVE-2018-8356 NuGet MEDIUM PATCH This Month

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Net Framework Powershell Core Net Core +2
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-0765 NuGet HIGH PATCH This Week

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Microsoft XXE Denial Of Service Net Core Net Framework
NVD
CVSS 3.0
7.5
EPSS
7.7%
CVE-2018-0786 NuGet HIGH PATCH This Week

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Net Core Powershell Core Net Framework
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2018-0764 NuGet HIGH PATCH This Week

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Net Core Powershell Core Net Framework
NVD
CVSS 3.0
7.5
EPSS
8.9%
EPSS 1% CVSS 7.8
HIGH PATCH This Week

NuGet Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Net Net Core +3
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core +3
NVD VulDB
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

.NET Spoofing Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Net Net Core +1
NVD
EPSS 5% CVSS 5.5
MEDIUM PATCH This Month

.NET and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Visual Studio 2022 Net +4
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core +3
NVD VulDB
EPSS 2% CVSS 7.5
HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core +3
NVD VulDB
EPSS 5% CVSS 7.5
HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core +4
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

.NET and Visual Studio Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Net +5
NVD VulDB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Net Core +3
NVD VulDB
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Information Disclosure Net Net Core +3
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core +3
NVD
EPSS 5% CVSS 5.9
MEDIUM PATCH This Month

ASP.NET Core Denial of Service Vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Net Net Core +2
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

.NET and Visual Studio Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Net Net Core +2
NVD
EPSS 30% CVSS 8.1
HIGH PATCH This Week

.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Net Net Core +3
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

.NET Core Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Net Net Core +2
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

.NET Core and Visual Studio Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core +3
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Brotli Debian Linux +8
NVD GitHub
EPSS 94% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Microsoft Net Core +5
NVD Exploit-DB
EPSS 12% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Net Core +5
NVD
EPSS 17% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Net Framework Net Core
NVD
EPSS 18% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Net Framework Net Core
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Powershell Core
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Net Framework
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Net Framework
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Core Net Framework +4
NVD
EPSS 5% CVSS 5.9
MEDIUM PATCH This Month

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Net Core Powershell Core +2
NVD
EPSS 10% CVSS 7.5
HIGH PATCH This Week

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Net Framework +1
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Net Core Asp Net Core +1
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Net Framework +4
NVD
EPSS 8% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Microsoft XXE Denial Of Service +2
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Net Core +2
NVD
EPSS 9% CVSS 7.5
HIGH PATCH This Week

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Denial Of Service Net Core +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy