Microsoft Powershell Core
By the Year
In 2024 there have been 0 vulnerabilities in Microsoft Powershell Core . Powershell Core did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 4 | 6.78 |
| 2020 | 1 | 7.50 |
| 2019 | 6 | 6.82 |
| 2018 | 7 | 7.44 |
It may take a day or so for new Powershell Core vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Powershell Core Security Vulnerabilities
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-26423
7.5 - High
- August 12, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-34485
5 - Medium
- August 12, 2021
.NET Core and Visual Studio Information Disclosure Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-1721
6.5 - Medium
- February 25, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core Remote Code Execution Vulnerability
CVE-2021-26701
8.1 - High
- February 25, 2021
.NET Core Remote Code Execution Vulnerability
.NET Core Remote Code Execution Vulnerability
CVE-2021-26701
8.1 - High
- February 25, 2021
.NET Core Remote Code Execution Vulnerability
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests
CVE-2020-1108
7.5 - High
- May 21, 2020
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
A denial of service vulnerability exists when .NET Core improperly handles web requests
CVE-2019-1301
7.5 - High
- September 11, 2019
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could
CVE-2019-1167
4.1 - Medium
- July 19, 2019
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
A security feature bypass vulnerability exists in Windows which could
CVE-2019-0632
7.8 - High
- March 05, 2019
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's
CVE-2019-0657
5.9 - Medium
- March 05, 2019
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
Improper Input Validation
A security feature bypass vulnerability exists in Windows which could
CVE-2019-0631
7.8 - High
- March 05, 2019
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.
A security feature bypass vulnerability exists in Windows which could
CVE-2019-0627
7.8 - High
- March 05, 2019
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.
A tampering vulnerability exists in PowerShell
CVE-2018-8415
7.8 - High
- November 14, 2018
A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Code Injection
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files
CVE-2018-8256
8.8 - High
- November 14, 2018
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect
CVE-2018-8292
7.5 - High
- October 10, 2018
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.
Information Disclosure
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates
CVE-2018-8356
5.5 - Medium
- July 11, 2018
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.
Improper Certificate Validation
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0
CVE-2018-0875
7.5 - High
- March 14, 2018
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0
CVE-2018-0764
7.5 - High
- January 10, 2018
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0
CVE-2018-0786
7.5 - High
- January 10, 2018
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."
Improper Certificate Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Powershell Core or by Microsoft? Click the Watch button to subscribe.
