) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Entity Framework
- Search Type: Search All
- CPE Name Search: false
- CPE Vendor: cpe:/:microsoft
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-3255 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability." Published: July 12, 2016; 9:59:16 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2015-6096 |
The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka ".NET Information Disclosure Vulnerability." Published: November 11, 2015; 7:59:35 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2012-2519 |
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .NET application, aka ".NET Framework Insecure Library Loading Vulnerability." Published: November 13, 2012; 7:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.9 HIGH |