Microsoft Net
Recent Microsoft Net Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2024-43470 | CVE-2024-43470 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | September 10, 2024 |
CVE-2024-43458 | CVE-2024-43458 Windows Networking Information Disclosure Vulnerability | September 10, 2024 |
CVE-2024-38119 | CVE-2024-38119 Windows Network Address Translation (NAT) Remote Code Execution Vulnerability | September 10, 2024 |
CVE-2024-38233 | CVE-2024-38233 Windows Networking Denial of Service Vulnerability | September 10, 2024 |
CVE-2024-38234 | CVE-2024-38234 Windows Networking Denial of Service Vulnerability | September 10, 2024 |
CVE-2024-38232 | CVE-2024-38232 Windows Networking Denial of Service Vulnerability | September 10, 2024 |
CVE-2024-38188 | CVE-2024-38188 Azure Network Watcher VM Agent Elevation of Privilege Vulnerability | September 10, 2024 |
CVE-2024-38146 | CVE-2024-38146 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | August 13, 2024 |
CVE-2024-38145 | CVE-2024-38145 Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | August 13, 2024 |
CVE-2024-38132 | CVE-2024-38132 Windows Network Address Translation (NAT) Denial of Service Vulnerability | August 13, 2024 |
By the Year
In 2024 there have been 10 vulnerabilities in Microsoft Net with an average score of 7.7 out of ten. Last year Net had 28 security vulnerabilities published. Right now, Net is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.16.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 10 | 7.72 |
2023 | 28 | 7.56 |
2022 | 10 | 7.05 |
2021 | 8 | 6.76 |
2020 | 2 | 7.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Net vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Net Security Vulnerabilities
.NET and Visual Studio Information Disclosure Vulnerability
CVE-2024-38167
6.5 - Medium
- August 13, 2024
.NET and Visual Studio Information Disclosure Vulnerability
Cleartext Transmission of Sensitive Information
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38168
7.5 - High
- August 13, 2024
.NET and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2024-38081
7.3 - High
- July 09, 2024
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2024-30105
7.5 - High
- July 09, 2024
.NET Core and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-35264
8.1 - High
- July 09, 2024
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38095
7.5 - High
- July 09, 2024
.NET and Visual Studio Denial of Service Vulnerability
Microsoft Identity Denial of service vulnerability
CVE-2024-21319
6.8 - Medium
- January 09, 2024
Microsoft Identity Denial of service vulnerability
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
CVE-2024-0056
8.7 - High
- January 09, 2024
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
CVE-2024-0057
9.8 - Critical
- January 09, 2024
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
.NET Denial of Service Vulnerability
CVE-2024-20672
7.5 - High
- January 09, 2024
.NET Denial of Service Vulnerability
ASP.NET Core - Security Feature Bypass Vulnerability
CVE-2023-36558
5.5 - Medium
- November 14, 2023
ASP.NET Core - Security Feature Bypass Vulnerability
ASP.NET Core Denial of Service Vulnerability
CVE-2023-36038
7.5 - High
- November 14, 2023
ASP.NET Core Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-36049
9.8 - Critical
- November 14, 2023
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-36435
7.5 - High
- October 10, 2023
Microsoft QUIC Denial of Service Vulnerability
Microsoft QUIC Denial of Service Vulnerability
CVE-2023-38171
7.5 - High
- October 10, 2023
Microsoft QUIC Denial of Service Vulnerability
The HTTP/2 protocol
CVE-2023-44487
7.5 - High
- October 10, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Resource Exhaustion
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36792
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36793
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36794
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36796
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2023-36799
6.5 - Medium
- September 12, 2023
.NET Core and Visual Studio Denial of Service Vulnerability
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
CVE-2023-35391
7.5 - High
- August 08, 2023
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2023-38180
7.5 - High
- August 08, 2023
.NET and Visual Studio Denial of Service Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2023-38178
7.5 - High
- August 08, 2023
.NET Core and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-35390
7.8 - High
- August 08, 2023
.NET and Visual Studio Remote Code Execution Vulnerability
ASP.NET and Visual Studio Security Feature Bypass Vulnerability
CVE-2023-33170
8.1 - High
- July 11, 2023
ASP.NET and Visual Studio Security Feature Bypass Vulnerability
Race Condition
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33127
8.1 - High
- July 11, 2023
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2023-24897
7.8 - High
- June 14, 2023
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2023-29331
7.5 - High
- June 14, 2023
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-24936
7.5 - High
- June 14, 2023
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2023-24895
7.8 - High
- June 14, 2023
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-32032
6.5 - Medium
- June 14, 2023
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-33126
7.3 - High
- June 14, 2023
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-33128
7.3 - High
- June 14, 2023
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33135
7.3 - High
- June 14, 2023
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET DLL Hijacking Remote Code Execution Vulnerability
CVE-2023-28260
7.8 - High
- April 11, 2023
.NET DLL Hijacking Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-21808
7.8 - High
- February 14, 2023
.NET and Visual Studio Remote Code Execution Vulnerability
.NET Denial of Service Vulnerability
CVE-2023-21538
7.5 - High
- January 10, 2023
.NET Denial of Service Vulnerability
NuGet Client Elevation of Privilege Vulnerability
CVE-2022-41032
7.8 - High
- October 11, 2022
NuGet Client Elevation of Privilege Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2022-38013
7.5 - High
- September 13, 2022
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Spoofing Vulnerability
CVE-2022-34716
5.9 - Medium
- August 09, 2022
.NET Spoofing Vulnerability
.NET and Visual Studio Information Disclosure Vulnerability
CVE-2022-30184
5.5 - Medium
- June 15, 2022
.NET and Visual Studio Information Disclosure Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-29117
7.5 - High
- May 10, 2022
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-29145
7.5 - High
- May 10, 2022
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-23267
7.5 - High
- May 10, 2022
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2022-24512
6.3 - Medium
- March 09, 2022
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-24464
7.5 - High
- March 09, 2022
.NET and Visual Studio Denial of Service Vulnerability
.NET Denial of Service Vulnerability
CVE-2022-21986
7.5 - High
- February 09, 2022
.NET Denial of Service Vulnerability
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-41355
5.7 - Medium
- October 13, 2021
.NET Core and Visual Studio Information Disclosure Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-26423
7.5 - High
- August 12, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-34485
5 - Medium
- August 12, 2021
.NET Core and Visual Studio Information Disclosure Vulnerability
ASP.NET Core Denial of Service Vulnerability
CVE-2021-31957
5.9 - Medium
- June 08, 2021
ASP.NET Core Denial of Service Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2021-31204
7.3 - High
- May 11, 2021
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET Core Remote Code Execution Vulnerability
CVE-2021-26701
8.1 - High
- February 25, 2021
.NET Core Remote Code Execution Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-1721
6.5 - Medium
- February 25, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core Remote Code Execution Vulnerability
CVE-2021-24112
8.1 - High
- February 25, 2021
.NET Core Remote Code Execution Vulnerability
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash
CVE-2020-8927
6.5 - Medium
- September 15, 2020
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
Classic Buffer Overflow
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests
CVE-2020-1108
7.5 - High
- May 21, 2020
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Net or by Microsoft? Click the Watch button to subscribe.