Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
.NET Framework Number Of NVD 174 CRITICAL 6 HIGH 124 MEDIUM 41 LOW 3
URL https://dotnet.microsoft.com/
Explanation NET Framework is a managed execution environment for Windows that provides a variety of services to running apps. NET Framework is a managed execution environment for Windows that provides a variety of services to running apps. It consists of the Common Language Runtime (CLR), an execution engine that handles running apps, and the .NET Framework class libraries, which are validated, reusable code libraries that developers can call from their own apps. The .NET Framework provides the following services to running apps

Translated and excerpted from [https://docs.microsoft.com/ja-jp/dotnet/framework/get-started/]
Tag
  • C#
  • VB.NET
Add Information URL
No Type Name URL
1 https://dotnet.microsoft.com/download/dotnet-framework
2 https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed
3 https://dotnet.microsoft.com/en-us/platform/support/policy/dotnet-core
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
51 .NET Framework 6.7 6.7.2 Nov. 8, 2021 Nov. 12, 2024 0 0 0 0
52 .NET Framework 4.8 4.8.1 April 18, 2019 3 34 7 1
53 .NET Framework 4.7 4.7.2 April 5, 2017 5 50 9 1
54 .NET Framework 4.6 4.6.2 July 20, 2015 6 64 14 1
55 .NET Framework 4.5 4.5.2 Aug. 15, 2012 Jan. 12, 2016 4 61 18 1
56 .NET Framework 4.0 April 12, 2010 Jan. 12, 2016 0 44 13 1
57 .NET Framework 3.5 SP1 Aug. 11, 2008 Oct. 10, 2028 6 98 25 3
58 .NET Framework 3.5 Nov. 19, 2007 July 12, 2011 6 98 25 3
59 .NET Framework 3.0 Nov. 6, 2006 July 12, 2011 5 51 9 1
60 .NET Framework 2.0 Oct. 27, 2005 July 12, 2011 4 89 25 3
61 .NET Framework 1.1 April 9, 2003 Oct. 8, 2013 0 27 10 1
62 .NET Framework 1.0 Jan. 15, 2002 July 14, 2009 0 18 8 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
51 7.5
5.0 		HIGH
Network 		An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure V… CWE-200
Information Exposure 		CVE-2019-0545 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 13:16
2019-01-9 		Show GitHub Exploit DB Packet Storm
52 9.8
10.0 		CRITICAL
Network 		A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET … CWE-94
Code Injection 		CVE-2018-8540 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7.2:*
cpe:2.3:a:microsoft:.net_fram… 		2024-11-21 13:14
2018-12-12 		Show GitHub Exploit DB Packet Storm
53 7.5
5.0 		HIGH
Network 		A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, … NVD-CWE-noinfo
CVE-2018-8517 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7.2:*
cpe:2.3:a:microsoft:.net_fram… 		2024-11-21 13:13
2018-12-12 		Show GitHub Exploit DB Packet Storm
54 9.8
10.0 		CRITICAL
Network 		A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input, aka ".NET Framework Remote Code Execution Vulnerability." This affects Microsoft .NET Framework 4… CWE-20
 Improper Input Validation  		CVE-2018-8421 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 13:13
2018-09-13 		Show GitHub Exploit DB Packet Storm
55 7.5
5.0 		HIGH
Network 		An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka ".NET Framework Information Disclosure … CWE-200
Information Exposure 		CVE-2018-8360 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 13:13
2018-08-16 		Show GitHub Exploit DB Packet Storm
56 8.8
6.8 		HIGH
Network 		A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka ".NET Framework Remote Code Execution Vulnerability." This affects .NET… CWE-20
 Improper Input Validation  		CVE-2018-8260 cpe:2.3:a:microsoft:.net_framework:4.7.2:* 2024-11-21 13:13
2018-07-11 		Show GitHub Exploit DB Packet Storm
57 5.5
2.1 		MEDIUM
Local 		A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affect… CWE-295
Improper Certificate Validation  		CVE-2018-8356 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 13:13
2018-07-11 		Show GitHub Exploit DB Packet Storm
58 8.1
9.3 		HIGH
Network 		A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET … CWE-94
Code Injection 		CVE-2018-8284 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 13:13
2018-07-11 		Show GitHub Exploit DB Packet Storm
59 7.8
7.2 		HIGH
Local 		An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka ".NET Framework Elevation of Privilege Vulnerability." This affect… NVD-CWE-noinfo
CVE-2018-8202 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 13:13
2018-07-11 		Show GitHub Exploit DB Packet Storm
60 7.8
4.6 		HIGH
Local 		A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This af… NVD-CWE-noinfo
CVE-2018-1039 cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framework:4.7:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 12:59
2018-05-10 		Show GitHub Exploit DB Packet Storm