) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:.net_core:3.1:-:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2022-41032 |
NuGet Client Elevation of Privilege Vulnerability. Published: October 11, 2022; 3:15:20 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-38013 |
.NET Core and Visual Studio Denial of Service Vulnerability. Published: September 13, 2022; 3:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-34716 |
.NET Spoofing Vulnerability Published: August 09, 2022; 4:15:11 PM -0400 |
V3.1: 5.9 MEDIUM V2.0:(not available) |
| CVE-2022-30184 |
.NET and Visual Studio Information Disclosure Vulnerability. Published: June 15, 2022; 6:15:15 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2022-29145 |
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29117. Published: May 10, 2022; 5:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2022-29117 |
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. Published: May 10, 2022; 5:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2022-23267 |
.NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-29117, CVE-2022-29145. Published: May 10, 2022; 5:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2022-24512 |
.NET and Visual Studio Remote Code Execution Vulnerability. Published: March 09, 2022; 12:15:15 PM -0500 |
V3.1: 6.3 MEDIUM V2.0: 6.8 MEDIUM |
| CVE-2022-24464 |
.NET and Visual Studio Denial of Service Vulnerability. Published: March 09, 2022; 12:15:14 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-34485 |
.NET Core and Visual Studio Information Disclosure Vulnerability Published: August 12, 2021; 2:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-26423 |
.NET Core and Visual Studio Denial of Service Vulnerability Published: August 12, 2021; 2:15:08 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-31957 |
ASP.NET Denial of Service Vulnerability Published: June 08, 2021; 7:15:08 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2021-31204 |
.NET and Visual Studio Elevation of Privilege Vulnerability Published: May 11, 2021; 3:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2021-26701 |
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112. Published: February 25, 2021; 6:15:16 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2021-24112 |
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26701. Published: February 25, 2021; 6:15:16 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2021-1721 |
.NET Core and Visual Studio Denial of Service Vulnerability Published: February 25, 2021; 6:15:13 PM -0500 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2020-8927 |
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. Published: September 15, 2020; 6:15:12 AM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |
| CVE-2020-1147 |
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. Published: July 14, 2020; 7:15:12 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2020-1108 |
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. Published: May 21, 2020; 7:15:14 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2020-0606 |
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0605. Published: January 14, 2020; 6:15:30 PM -0500 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |