Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
.NET Framework Number Of NVD 174 CRITICAL 6 HIGH 124 MEDIUM 41 LOW 3
URL https://dotnet.microsoft.com/
Explanation NET Framework is a managed execution environment for Windows that provides a variety of services to running apps. NET Framework is a managed execution environment for Windows that provides a variety of services to running apps. It consists of the Common Language Runtime (CLR), an execution engine that handles running apps, and the .NET Framework class libraries, which are validated, reusable code libraries that developers can call from their own apps. The .NET Framework provides the following services to running apps

Translated and excerpted from [https://docs.microsoft.com/ja-jp/dotnet/framework/get-started/]
Tag
  • C#
  • VB.NET
Add Information URL
No Type Name URL
1 https://dotnet.microsoft.com/download/dotnet-framework
2 https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed
3 https://dotnet.microsoft.com/en-us/platform/support/policy/dotnet-core
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
81 .NET Framework 6.7 6.7.2 Nov. 8, 2021 Nov. 12, 2024 0 0 0 0
82 .NET Framework 4.8 4.8.1 April 18, 2019 3 34 7 1
83 .NET Framework 4.7 4.7.2 April 5, 2017 5 50 9 1
84 .NET Framework 4.6 4.6.2 July 20, 2015 6 64 14 1
85 .NET Framework 4.5 4.5.2 Aug. 15, 2012 Jan. 12, 2016 4 61 18 1
86 .NET Framework 4.0 April 12, 2010 Jan. 12, 2016 0 44 13 1
87 .NET Framework 3.5 SP1 Aug. 11, 2008 Oct. 10, 2028 6 98 25 3
88 .NET Framework 3.5 Nov. 19, 2007 July 12, 2011 6 98 25 3
89 .NET Framework 3.0 Nov. 6, 2006 July 12, 2011 5 51 9 1
90 .NET Framework 2.0 Oct. 27, 2005 July 12, 2011 4 89 25 3
91 .NET Framework 1.1 April 9, 2003 Oct. 8, 2013 0 27 10 1
92 .NET Framework 1.0 Jan. 15, 2002 July 14, 2009 0 18 8 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
81 -
5.0 		MEDIUM Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability." CWE-17
Code 		CVE-2015-2526 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-09-9 		Show GitHub Exploit DB Packet Storm
82 -
9.3 		HIGH Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 improperly counts objects before performing an array copy, which allows remote attackers to (1) execute arbitrary code via … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2015-2504 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-09-9 		Show GitHub Exploit DB Packet Storm
83 -
9.3 		HIGH The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-2481 cpe:2.3:a:microsoft:.net_framework:4.6:* 2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
84 -
9.3 		HIGH The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-2480 cpe:2.3:a:microsoft:.net_framework:4.6:* 2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
85 -
9.3 		HIGH The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2015-2479 cpe:2.3:a:microsoft:.net_framework:4.6:* 2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
86 -
9.3 		HIGH Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Me… CWE-20
 Improper Input Validation  		CVE-2015-2464 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
87 -
9.3 		HIGH Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Me… CWE-20
 Improper Input Validation  		CVE-2015-2463 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
88 -
9.3 		HIGH ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows… CWE-20
 Improper Input Validation  		CVE-2015-2462 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
89 -
9.3 		HIGH ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows… CWE-20
 Improper Input Validation  		CVE-2015-2460 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm
90 -
9.3 		HIGH Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 … CWE-20
 Improper Input Validation  		CVE-2015-2456 cpe:2.3:a:microsoft:.net_framework:4.6:*
cpe:2.3:a:microsoft:.net_framework:4.5:*
cpe:2.3:a:microsoft:.net_framew… 		2024-11-21 11:27
2015-08-15 		Show GitHub Exploit DB Packet Storm