Microsoft Net

Do you want an email whenever new security vulnerabilities are reported in Microsoft Net?

Recent Microsoft Net Security Advisories

Advisory	Title	Published
CVE-2024-28917	Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability	April 9, 2024
CVE-2024-29990	Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability	April 9, 2024
CVE-2024-21409	.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability	April 9, 2024
CVE-2024-29992	Azure Identity Library for .NET Information Disclosure Vulnerability	April 9, 2024
CVE-2024-29059	.NET Framework Information Disclosure Vulnerability	March 22, 2024
CVE-2024-21392	.NET and Visual Studio Denial of Service Vulnerability	March 12, 2024
CVE-2024-21418	Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability	March 12, 2024
CVE-2024-21400	Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability	March 12, 2024
CVE-2024-21404	.NET Denial of Service Vulnerability	February 13, 2024
CVE-2024-21403	Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability	February 13, 2024

By the Year

In 2024 there have been 4 vulnerabilities in Microsoft Net with an average score of 8.2 out of ten. Last year Net had 28 security vulnerabilities published. Right now, Net is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.64.

Year	Vulnerabilities	Average Score
2024	4	8.20
2023	28	7.56
2022	10	7.05
2021	8	6.76
2020	2	7.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Net vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Net Security Vulnerabilities

Microsoft Identity Denial of service vulnerability

CVE-2024-21319 6.8 - Medium - January 09, 2024

Microsoft Identity Denial of service vulnerability

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

CVE-2024-0056 8.7 - High - January 09, 2024

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

CVE-2024-0057 9.8 - Critical - January 09, 2024

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

.NET Denial of Service Vulnerability

CVE-2024-20672 7.5 - High - January 09, 2024

.NET Denial of Service Vulnerability

ASP.NET Core - Security Feature Bypass Vulnerability

CVE-2023-36558 5.5 - Medium - November 14, 2023

ASP.NET Core - Security Feature Bypass Vulnerability

ASP.NET Core Denial of Service Vulnerability

CVE-2023-36038 7.5 - High - November 14, 2023

ASP.NET Core Denial of Service Vulnerability

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-36049 9.8 - Critical - November 14, 2023

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

Microsoft QUIC Denial of Service Vulnerability

CVE-2023-38171 7.5 - High - October 10, 2023

Microsoft QUIC Denial of Service Vulnerability

Microsoft QUIC Denial of Service Vulnerability

CVE-2023-36435 7.5 - High - October 10, 2023

Microsoft QUIC Denial of Service Vulnerability

The HTTP/2 protocol

CVE-2023-44487 7.5 - High - October 10, 2023

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Resource Exhaustion

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36793 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2023-36799 6.5 - Medium - September 12, 2023

.NET Core and Visual Studio Denial of Service Vulnerability

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36796 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36794 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36792 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability

CVE-2023-35391 7.5 - High - August 08, 2023

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2023-38180 7.5 - High - August 08, 2023

.NET and Visual Studio Denial of Service Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2023-38178 7.5 - High - August 08, 2023

.NET Core and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-35390 7.8 - High - August 08, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

CVE-2023-33170 8.1 - High - July 11, 2023

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

Race Condition

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-33127 8.1 - High - July 11, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2023-24895 7.8 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2023-24897 7.8 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVE-2023-29331 7.5 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-24936 7.5 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-32032 6.5 - Medium - June 14, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-33126 7.3 - High - June 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-33128 7.3 - High - June 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-33135 7.3 - High - June 14, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability

.NET DLL Hijacking Remote Code Execution Vulnerability

CVE-2023-28260 7.8 - High - April 11, 2023

.NET DLL Hijacking Remote Code Execution Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-21808 7.8 - High - February 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

.NET Denial of Service Vulnerability

CVE-2023-21538 7.5 - High - January 10, 2023

.NET Denial of Service Vulnerability

NuGet Client Elevation of Privilege Vulnerability

CVE-2022-41032 7.8 - High - October 11, 2022

NuGet Client Elevation of Privilege Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2022-38013 7.5 - High - September 13, 2022

.NET Core and Visual Studio Denial of Service Vulnerability

.NET Spoofing Vulnerability

CVE-2022-34716 5.9 - Medium - August 09, 2022

.NET Spoofing Vulnerability

.NET and Visual Studio Information Disclosure Vulnerability

CVE-2022-30184 5.5 - Medium - June 15, 2022

.NET and Visual Studio Information Disclosure Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29117 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-23267 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29145 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2022-24512 6.3 - Medium - March 09, 2022

.NET and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-24464 7.5 - High - March 09, 2022

.NET and Visual Studio Denial of Service Vulnerability

.NET Denial of Service Vulnerability

CVE-2022-21986 7.5 - High - February 09, 2022

.NET Denial of Service Vulnerability

.NET Core and Visual Studio Information Disclosure Vulnerability

CVE-2021-41355 5.7 - Medium - October 13, 2021

.NET Core and Visual Studio Information Disclosure Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2021-26423 7.5 - High - August 12, 2021

.NET Core and Visual Studio Denial of Service Vulnerability

.NET Core and Visual Studio Information Disclosure Vulnerability

CVE-2021-34485 5 - Medium - August 12, 2021

.NET Core and Visual Studio Information Disclosure Vulnerability

ASP.NET Denial of Service Vulnerability

CVE-2021-31957 5.9 - Medium - June 08, 2021

ASP.NET Denial of Service Vulnerability

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2021-31204 7.3 - High - May 11, 2021

.NET and Visual Studio Elevation of Privilege Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2021-1721 6.5 - Medium - February 25, 2021

.NET Core and Visual Studio Denial of Service Vulnerability

.NET Core Remote Code Execution Vulnerability

CVE-2021-24112 8.1 - High - February 25, 2021

.NET Core Remote Code Execution Vulnerability

.NET Core Remote Code Execution Vulnerability

CVE-2021-26701 8.1 - High - February 25, 2021

.NET Core Remote Code Execution Vulnerability

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash

CVE-2020-8927 6.5 - Medium - September 15, 2020

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.

Classic Buffer Overflow

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests

CVE-2020-1108 7.5 - High - May 21, 2020

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Net or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Net
Product

Microsoft Net

Recent Microsoft Net Security Advisories

By the Year

Recent Microsoft Net Security Vulnerabilities

Microsoft Identity Denial of service vulnerability CVE-2024-21319 6.8 - Medium - January 09, 2024

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 8.7 - High - January 09, 2024

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability CVE-2024-0057 9.8 - Critical - January 09, 2024

.NET Denial of Service Vulnerability CVE-2024-20672 7.5 - High - January 09, 2024

ASP.NET Core - Security Feature Bypass Vulnerability CVE-2023-36558 5.5 - Medium - November 14, 2023

ASP.NET Core Denial of Service Vulnerability CVE-2023-36038 7.5 - High - November 14, 2023

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability CVE-2023-36049 9.8 - Critical - November 14, 2023

Microsoft QUIC Denial of Service Vulnerability CVE-2023-38171 7.5 - High - October 10, 2023

Microsoft QUIC Denial of Service Vulnerability CVE-2023-36435 7.5 - High - October 10, 2023

The HTTP/2 protocol CVE-2023-44487 7.5 - High - October 10, 2023

Visual Studio Remote Code Execution Vulnerability CVE-2023-36793 7.8 - High - September 12, 2023

.NET Core and Visual Studio Denial of Service Vulnerability CVE-2023-36799 6.5 - Medium - September 12, 2023

Visual Studio Remote Code Execution Vulnerability CVE-2023-36796 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability CVE-2023-36794 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability CVE-2023-36792 7.8 - High - September 12, 2023

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability CVE-2023-35391 7.5 - High - August 08, 2023

.NET and Visual Studio Denial of Service Vulnerability CVE-2023-38180 7.5 - High - August 08, 2023

.NET Core and Visual Studio Denial of Service Vulnerability CVE-2023-38178 7.5 - High - August 08, 2023

.NET and Visual Studio Remote Code Execution Vulnerability CVE-2023-35390 7.8 - High - August 08, 2023

ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 8.1 - High - July 11, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability CVE-2023-33127 8.1 - High - July 11, 2023

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability CVE-2023-24895 7.8 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability CVE-2023-24897 7.8 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability CVE-2023-29331 7.5 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability CVE-2023-24936 7.5 - High - June 14, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability CVE-2023-32032 6.5 - Medium - June 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability CVE-2023-33126 7.3 - High - June 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability CVE-2023-33128 7.3 - High - June 14, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability CVE-2023-33135 7.3 - High - June 14, 2023

.NET DLL Hijacking Remote Code Execution Vulnerability CVE-2023-28260 7.8 - High - April 11, 2023

.NET and Visual Studio Remote Code Execution Vulnerability CVE-2023-21808 7.8 - High - February 14, 2023

.NET Denial of Service Vulnerability CVE-2023-21538 7.5 - High - January 10, 2023

NuGet Client Elevation of Privilege Vulnerability CVE-2022-41032 7.8 - High - October 11, 2022

.NET Core and Visual Studio Denial of Service Vulnerability CVE-2022-38013 7.5 - High - September 13, 2022

.NET Spoofing Vulnerability CVE-2022-34716 5.9 - Medium - August 09, 2022

.NET and Visual Studio Information Disclosure Vulnerability CVE-2022-30184 5.5 - Medium - June 15, 2022

.NET and Visual Studio Denial of Service Vulnerability CVE-2022-29117 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability CVE-2022-23267 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability CVE-2022-29145 7.5 - High - May 10, 2022

.NET and Visual Studio Remote Code Execution Vulnerability CVE-2022-24512 6.3 - Medium - March 09, 2022

.NET and Visual Studio Denial of Service Vulnerability CVE-2022-24464 7.5 - High - March 09, 2022

.NET Denial of Service Vulnerability CVE-2022-21986 7.5 - High - February 09, 2022

.NET Core and Visual Studio Information Disclosure Vulnerability CVE-2021-41355 5.7 - Medium - October 13, 2021

.NET Core and Visual Studio Denial of Service Vulnerability CVE-2021-26423 7.5 - High - August 12, 2021

.NET Core and Visual Studio Information Disclosure Vulnerability CVE-2021-34485 5 - Medium - August 12, 2021

ASP.NET Denial of Service Vulnerability CVE-2021-31957 5.9 - Medium - June 08, 2021

.NET and Visual Studio Elevation of Privilege Vulnerability CVE-2021-31204 7.3 - High - May 11, 2021

.NET Core and Visual Studio Denial of Service Vulnerability CVE-2021-1721 6.5 - Medium - February 25, 2021

.NET Core Remote Code Execution Vulnerability CVE-2021-24112 8.1 - High - February 25, 2021

.NET Core Remote Code Execution Vulnerability CVE-2021-26701 8.1 - High - February 25, 2021

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash CVE-2020-8927 6.5 - Medium - September 15, 2020

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests CVE-2020-1108 7.5 - High - May 21, 2020

Stay on top of Security Vulnerabilities

Microsoft Vendor

Microsoft NetProduct

Microsoft Identity Denial of service vulnerability

CVE-2024-21319 6.8 - Medium - January 09, 2024

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

CVE-2024-0056 8.7 - High - January 09, 2024

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

CVE-2024-0057 9.8 - Critical - January 09, 2024

.NET Denial of Service Vulnerability

CVE-2024-20672 7.5 - High - January 09, 2024

ASP.NET Core - Security Feature Bypass Vulnerability

CVE-2023-36558 5.5 - Medium - November 14, 2023

ASP.NET Core Denial of Service Vulnerability

CVE-2023-36038 7.5 - High - November 14, 2023

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-36049 9.8 - Critical - November 14, 2023

Microsoft QUIC Denial of Service Vulnerability

CVE-2023-38171 7.5 - High - October 10, 2023

Microsoft QUIC Denial of Service Vulnerability

CVE-2023-36435 7.5 - High - October 10, 2023

The HTTP/2 protocol

CVE-2023-44487 7.5 - High - October 10, 2023

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36793 7.8 - High - September 12, 2023

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2023-36799 6.5 - Medium - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36796 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36794 7.8 - High - September 12, 2023

Visual Studio Remote Code Execution Vulnerability

CVE-2023-36792 7.8 - High - September 12, 2023

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability

CVE-2023-35391 7.5 - High - August 08, 2023

.NET and Visual Studio Denial of Service Vulnerability

CVE-2023-38180 7.5 - High - August 08, 2023

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2023-38178 7.5 - High - August 08, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-35390 7.8 - High - August 08, 2023

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

CVE-2023-33170 8.1 - High - July 11, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-33127 8.1 - High - July 11, 2023

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2023-24895 7.8 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2023-24897 7.8 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVE-2023-29331 7.5 - High - June 14, 2023

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-24936 7.5 - High - June 14, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-32032 6.5 - Medium - June 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-33126 7.3 - High - June 14, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-33128 7.3 - High - June 14, 2023

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-33135 7.3 - High - June 14, 2023

.NET DLL Hijacking Remote Code Execution Vulnerability

CVE-2023-28260 7.8 - High - April 11, 2023

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2023-21808 7.8 - High - February 14, 2023

.NET Denial of Service Vulnerability

CVE-2023-21538 7.5 - High - January 10, 2023

NuGet Client Elevation of Privilege Vulnerability

CVE-2022-41032 7.8 - High - October 11, 2022

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2022-38013 7.5 - High - September 13, 2022

.NET Spoofing Vulnerability

CVE-2022-34716 5.9 - Medium - August 09, 2022

.NET and Visual Studio Information Disclosure Vulnerability

CVE-2022-30184 5.5 - Medium - June 15, 2022

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29117 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-23267 7.5 - High - May 10, 2022

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29145 7.5 - High - May 10, 2022

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2022-24512 6.3 - Medium - March 09, 2022

.NET and Visual Studio Denial of Service Vulnerability

CVE-2022-24464 7.5 - High - March 09, 2022

.NET Denial of Service Vulnerability

CVE-2022-21986 7.5 - High - February 09, 2022

.NET Core and Visual Studio Information Disclosure Vulnerability

CVE-2021-41355 5.7 - Medium - October 13, 2021

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2021-26423 7.5 - High - August 12, 2021

.NET Core and Visual Studio Information Disclosure Vulnerability

CVE-2021-34485 5 - Medium - August 12, 2021

ASP.NET Denial of Service Vulnerability

CVE-2021-31957 5.9 - Medium - June 08, 2021

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2021-31204 7.3 - High - May 11, 2021

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2021-1721 6.5 - Medium - February 25, 2021

.NET Core Remote Code Execution Vulnerability

CVE-2021-24112 8.1 - High - February 25, 2021

.NET Core Remote Code Execution Vulnerability

CVE-2021-26701 8.1 - High - February 25, 2021

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash

CVE-2020-8927 6.5 - Medium - September 15, 2020

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests

CVE-2020-1108 7.5 - High - May 21, 2020

Microsoft
Vendor

Microsoft Net
Product