.NET 6.0 Security Vulnerabilities

CVE-2024-21409

.NET, .NET Framework, and Visual Studio Remote Code Execution...

CVE-2024-21404

.NET Denial of Service...

CVE-2024-21319

Microsoft Identity Denial of service...

CVE-2024-20672

.NET Denial of Service...

CVE-2024-0057

NET, .NET Framework, and Visual Studio Security Feature Bypass...

CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass...

CVE-2023-36558

ASP.NET Core - Security Feature Bypass...

CVE-2023-36049

.NET, .NET Framework, and Visual Studio Elevation of Privilege...

CVE-2023-36799

.NET Core and Visual Studio Denial of Service...

CVE-2023-36796

Visual Studio Remote Code Execution...

CVE-2023-36792

Visual Studio Remote Code Execution...

CVE-2023-36793

Visual Studio Remote Code Execution...

CVE-2023-36794

Visual Studio Remote Code Execution...

CVE-2023-38180

.NET and Visual Studio Denial of Service...

CVE-2023-35391

ASP.NET Core SignalR and Visual Studio Information Disclosure...

CVE-2023-38178

.NET Core and Visual Studio Denial of Service...

CVE-2023-35390

.NET and Visual Studio Remote Code Execution...

CVE-2023-33170

ASP.NET and Visual Studio Security Feature Bypass...

CVE-2023-33127

.NET and Visual Studio Elevation of Privilege...

CVE-2023-24936

.NET, .NET Framework, and Visual Studio Elevation of Privilege...

CVE-2023-24897

.NET, .NET Framework, and Visual Studio Remote Code Execution...

CVE-2023-29331

.NET, .NET Framework, and Visual Studio Denial of Service...

CVE-2023-33135

.NET and Visual Studio Elevation of Privilege...

CVE-2023-33126

.NET and Visual Studio Remote Code Execution...

CVE-2023-33128

.NET and Visual Studio Remote Code Execution...

CVE-2023-28260

.NET DLL Hijacking Remote Code Execution...

CVE-2023-21808

.NET and Visual Studio Remote Code Execution...

CVE-2023-21538

.NET Denial of Service...

CVE-2022-41089

.NET Framework Remote Code Execution...

CVE-2022-41032

NuGet Client Elevation of Privilege...

CVE-2022-38013

.NET Core and Visual Studio Denial of Service...

CVE-2022-34716

.NET Spoofing...

CVE-2022-30184

.NET and Visual Studio Information Disclosure...

CVE-2022-23267

.NET and Visual Studio Denial of Service...

CVE-2022-29117

.NET and Visual Studio Denial of Service...

CVE-2022-29145

.NET and Visual Studio Denial of Service...

CVE-2022-24464

.NET and Visual Studio Denial of Service...

CVE-2022-24512

.NET and Visual Studio Remote Code Execution...

CVE-2022-21986

.NET Denial of Service...

CVE-2019-13946

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable...

CVE-2019-0657

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing...

CVE-2018-8292

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core...

CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework...

CVE-2018-0875

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service...

CVE-2018-0786

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass...

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from...

CVE-2008-6854

Xigla Software Absolute FAQ Manager.NET 6.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain...

CVE-2008-4255

Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote....

CVE-2008-4256

The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted.....

CVE-2008-4252

The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of...