Filtered by vendor Microsoft
Subscriptions
Filtered by product .net
Subscriptions
Total
110 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-35433 | 1 Microsoft | 1 .net | 2026-06-01 | 7.3 High |
| Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2020-8927 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2026-05-29 | 5.3 Medium |
| A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. | ||||
| CVE-2021-26701 | 3 Fedoraproject, Microsoft, Redhat | 8 Fedora, .net, .net Core and 5 more | 2026-05-28 | 8.1 High |
| .NET Core Remote Code Execution Vulnerability | ||||
| CVE-2023-28260 | 1 Microsoft | 4 .net, Powershell, Visual Studio and 1 more | 2026-05-28 | 7.8 High |
| .NET DLL Hijacking Remote Code Execution Vulnerability | ||||
| CVE-2022-38013 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, .net, .net Core and 4 more | 2026-05-27 | 7.5 High |
| .NET Core and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2022-29145 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, .net, .net Core and 4 more | 2026-05-27 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2022-29117 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, .net, .net Core and 4 more | 2026-05-27 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2022-24512 | 3 Fedoraproject, Microsoft, Redhat | 9 Fedora, .net, .net Core and 6 more | 2026-05-27 | 6.3 Medium |
| .NET and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2022-41089 | 1 Microsoft | 16 .net, .net Core, .net Framework and 13 more | 2026-05-27 | 7.8 High |
| .NET Framework Remote Code Execution Vulnerability | ||||
| CVE-2022-24464 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, .net, .net Core and 4 more | 2026-05-27 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2022-23267 | 3 Fedoraproject, Microsoft, Redhat | 9 Fedora, .net, .net Core and 6 more | 2026-05-27 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2026-42899 | 3 Apple, Linux, Microsoft | 4 Macos, Linux Kernel, .net and 1 more | 2026-05-26 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-32175 | 1 Microsoft | 6 .net, Microsoft Visual Studio 2022, Visual Studio 2017 and 3 more | 2026-05-26 | 4.3 Medium |
| A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the destination of the files and directories. To exploit the vulnerability, an attacker must send a specially crafted file to a vulnerable system. The security update fixes the vulnerability by ensuring .NET Core properly handles files. | ||||
| CVE-2026-32177 | 1 Microsoft | 6 .net, .net Framework, Visual Studio 2017 and 3 more | 2026-05-26 | 7.3 High |
| Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-25667 | 1 Microsoft | 2 .net, Aspnetcore | 2026-05-22 | 7.5 High |
| ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing. | ||||
| CVE-2023-44487 | 33 Akka, Amazon, Apache and 30 more | 378 Http Server, Opensearch Data Prepper, Apisix and 375 more | 2026-05-12 | 7.5 High |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | ||||
| CVE-2026-32226 | 1 Microsoft | 8 .net, .net Framework, Windows 10 1607 and 5 more | 2026-05-11 | 5.9 Medium |
| Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-23666 | 1 Microsoft | 15 .net, .net Framework, Windows 10 1607 and 12 more | 2026-05-07 | 7.5 High |
| Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-26171 | 3 Apple, Linux, Microsoft | 5 Macos, Linux Kernel, .net and 2 more | 2026-05-07 | 7.5 High |
| Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-32178 | 3 Apple, Linux, Microsoft | 5 Macos, Linux Kernel, .net and 2 more | 2026-05-07 | 7.5 High |
| Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. | ||||