U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:microsoft:.net_core:3.1:preview2:*:*:*:*:*:*
  • CPE Name Search: true
There are 14 matching records.
Displaying matches 1 through 14.
Vuln ID Summary CVSS Severity
CVE-2022-34716

.NET Spoofing Vulnerability

Published: August 09, 2022; 4:15:11 PM -0400
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

Published: March 09, 2022; 12:15:14 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

Published: August 12, 2021; 2:15:09 PM -0400
V3.1: 5.0 MEDIUM
V2.0: 2.1 LOW
CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

Published: August 12, 2021; 2:15:08 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-31957

ASP.NET Denial of Service Vulnerability

Published: June 08, 2021; 7:15:08 PM -0400
V3.1: 5.9 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2021-31204

.NET and Visual Studio Elevation of Privilege Vulnerability

Published: May 11, 2021; 3:15:10 PM -0400
V3.1: 7.3 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

Published: February 25, 2021; 6:15:16 PM -0500
V3.1: 8.1 HIGH
V2.0: 7.5 HIGH
CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

Published: February 25, 2021; 6:15:16 PM -0500
V3.1: 8.1 HIGH
V2.0: 7.5 HIGH
CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

Published: February 25, 2021; 6:15:13 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

Published: September 15, 2020; 6:15:12 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 6.4 MEDIUM
CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

Published: July 14, 2020; 7:15:12 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

Published: May 21, 2020; 7:15:14 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-0606

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605.

Published: January 14, 2020; 6:15:30 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0606.

Published: January 14, 2020; 6:15:30 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH