U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:microsoft:.net:5.0.0:-:*:*:*:*:*:*
  • CPE Name Search: true
There are 10 matching records.
Displaying matches 1 through 10.
Vuln ID Summary CVSS Severity
CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

Published: March 09, 2022; 12:15:14 PM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2022-21986

.NET Denial of Service Vulnerability

Published: February 09, 2022; 12:15:08 PM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 4.3 MEDIUM
CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

Published: August 12, 2021; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 5.0 MEDIUM
V2.0: 2.1 LOW
CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

Published: August 12, 2021; 2:15:08 PM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-31957

ASP.NET Core Denial of Service Vulnerability

Published: June 08, 2021; 7:15:08 PM -0400 		V4.0:(not available)
 V3.1: 5.9 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2021-31204

.NET and Visual Studio Elevation of Privilege Vulnerability

Published: May 11, 2021; 3:15:10 PM -0400 		V4.0:(not available)
 V3.1: 7.3 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

Published: February 25, 2021; 6:15:16 PM -0500 		V4.0:(not available)
 V3.1: 8.1 HIGH
V2.0: 7.5 HIGH
CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

Published: February 25, 2021; 6:15:16 PM -0500 		V4.0:(not available)
 V3.1: 8.1 HIGH
V2.0: 7.5 HIGH
CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

Published: February 25, 2021; 6:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

Published: September 15, 2020; 6:15:12 AM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0: 6.4 MEDIUM