📦 .net
by Microsoft
🔍 What is .net?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows attackers to bypass security features in .NET, .NET Framework, and Visual Studio, potentially enabling unauthorized access or privilege escalation. It affects systems running...
This .NET vulnerability allows unauthorized attackers to perform spoofing attacks over a network by exploiting improper handling of missing special elements. It affects systems running vulnerable vers...
This CVE describes an untrusted search path vulnerability in .NET and Visual Studio that allows attackers to execute arbitrary code by manipulating the search order for DLLs or other files. Attackers ...
This vulnerability allows an authorized attacker to control file names or paths in .NET, Visual Studio, and Build Tools for Visual Studio, enabling network-based spoofing attacks. It affects systems r...
This .NET vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting a heap-based buffer overflow. It affects systems running vulnerable versions of .NET Framewo...
This CVE describes a heap-based buffer overflow vulnerability in .NET and Visual Studio that could allow remote code execution. Attackers could exploit this by tricking users into opening specially cr...
This CVE describes a privilege escalation vulnerability in .NET that allows authenticated attackers to elevate their privileges on affected systems. It affects systems running vulnerable versions of ....
This vulnerability allows remote code execution in .NET, .NET Framework, and Visual Studio applications through a buffer overflow condition (CWE-126). Attackers can exploit this to execute arbitrary c...
This vulnerability in .NET, .NET Framework, and Visual Studio allows attackers to cause a denial of service by sending specially crafted requests to affected applications. It affects systems running v...
This vulnerability in .NET and Visual Studio allows attackers to cause a denial of service by sending specially crafted requests that trigger inefficient algorithmic complexity. It affects systems run...
This CVE describes a denial of service vulnerability in .NET and Visual Studio where an attacker can cause affected systems to become unresponsive or crash. The vulnerability affects systems running v...
This vulnerability in .NET and Visual Studio allows attackers to cause a denial of service by sending specially crafted requests to affected systems. It affects applications built with vulnerable .NET...
This vulnerability allows attackers to elevate privileges on systems running affected .NET, .NET Framework, or Visual Studio installations. An authenticated attacker could exploit this to gain higher ...
This vulnerability allows remote code execution in .NET, .NET Framework, and Visual Studio through a use-after-free memory corruption issue (CWE-416). Attackers can exploit this to execute arbitrary c...
This vulnerability in Microsoft's QUIC protocol implementation allows attackers to cause denial of service by sending specially crafted network packets. It affects systems running Microsoft Windows wi...
This vulnerability in .NET and Visual Studio allows attackers to cause a denial of service by sending specially crafted requests to affected systems. It affects applications built with vulnerable .NET...
This CVE describes a denial of service vulnerability in .NET that allows attackers to crash affected applications by sending specially crafted requests. It affects systems running vulnerable versions ...
This vulnerability allows attackers to elevate privileges on systems running affected .NET, .NET Framework, and Visual Studio versions. An authenticated attacker could exploit this to gain higher priv...
This vulnerability in Microsoft's QUIC protocol implementation allows attackers to cause denial of service by sending specially crafted network packets. It affects Windows systems running QUIC-enabled...
CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...
This vulnerability in Visual Studio allows attackers to execute arbitrary code on a victim's system by tricking them into opening a specially crafted file. It affects developers and organizations usin...
This vulnerability allows remote code execution in Visual Studio when processing specially crafted files. Attackers could exploit this to run arbitrary code on affected systems. Users running vulnerab...
This CVE describes a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. It affects systems running vu...
CVE-2023-35390 is a remote code execution vulnerability in .NET and Visual Studio that allows attackers to execute arbitrary code on affected systems. The vulnerability affects systems running vulnera...
This vulnerability allows attackers to bypass security features in ASP.NET and Visual Studio, potentially enabling unauthorized access or privilege escalation. It affects systems running vulnerable ve...
This vulnerability allows remote attackers to execute arbitrary code on affected systems by exploiting a flaw in .NET, .NET Framework, and Visual Studio. It affects systems running vulnerable versions...
This vulnerability allows attackers to elevate privileges on affected .NET, .NET Framework, and Visual Studio installations. An authenticated attacker could exploit this to gain higher privileges than...
CVE-2023-33126 is a remote code execution vulnerability in .NET and Visual Studio that allows attackers to execute arbitrary code on affected systems. This affects systems running vulnerable versions ...
CVE-2023-28260 is a .NET DLL hijacking vulnerability that allows attackers to execute arbitrary code by placing malicious DLLs in specific directories. This affects .NET applications running on Window...
CVE-2022-29145 is a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. This affects systems running v...
CVE-2022-29117 is a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. This affects systems running v...
This CVE describes a denial of service vulnerability in .NET and Visual Studio where an attacker could cause affected applications to crash or become unresponsive. The vulnerability affects systems ru...
CVE-2022-24464 is a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. This affects systems running v...
CVE-2022-21986 is a denial of service vulnerability in .NET Core and .NET 5/6 that allows attackers to crash applications by sending specially crafted requests. This affects web applications and servi...
CVE-2021-26423 is a denial-of-service vulnerability in .NET Core and Visual Studio where an attacker can cause the application to crash by sending specially crafted requests. This affects applications...
CVE-2021-31204 is an elevation of privilege vulnerability in .NET Core and Visual Studio that allows authenticated attackers to execute arbitrary code with higher privileges than intended. This affect...
This vulnerability involves inadequate encryption strength in .NET, .NET Framework, and Visual Studio, allowing an authorized attacker to disclose sensitive information over a network. It affects syst...
This vulnerability in .NET and Visual Studio allows attackers to read sensitive information from memory that should be protected. It affects applications built with vulnerable .NET versions and develo...
This CVE describes a denial of service vulnerability in Visual Studio where a race condition (CWE-362) could allow an attacker to crash the application. This affects developers and organizations using...