Powershell Core Microsoft Powershell Core

Do you want an email whenever new security vulnerabilities are reported in Microsoft Powershell Core?

By the Year

In 2022 there have been 0 vulnerabilities in Microsoft Powershell Core . Last year Powershell Core had 4 security vulnerabilities published. Right now, Powershell Core is on track to have less security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 4 7.33
2020 1 7.50
2019 6 6.82
2018 7 7.44

It may take a day or so for new Powershell Core vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Powershell Core Security Vulnerabilities

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2021-26423 7.5 - High - August 12, 2021

.NET Core and Visual Studio Denial of Service Vulnerability

.NET Core and Visual Studio Information Disclosure Vulnerability

CVE-2021-34485 5.5 - Medium - August 12, 2021

.NET Core and Visual Studio Information Disclosure Vulnerability

.NET Core and Visual Studio Denial of Service Vulnerability

CVE-2021-1721 6.5 - Medium - February 25, 2021

.NET Core and Visual Studio Denial of Service Vulnerability

.NET Core Remote Code Execution Vulnerability

CVE-2021-26701 9.8 - Critical - February 25, 2021

.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.

.NET Core Remote Code Execution Vulnerability

CVE-2021-26701 9.8 - Critical - February 25, 2021

.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests

CVE-2020-1108 7.5 - High - May 21, 2020

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

A denial of service vulnerability exists when .NET Core improperly handles web requests

CVE-2019-1301 7.5 - High - September 11, 2019

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could

CVE-2019-1167 4.1 - Medium - July 19, 2019

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.

A security feature bypass vulnerability exists in Windows which could

CVE-2019-0632 7.8 - High - March 05, 2019

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's

CVE-2019-0657 5.9 - Medium - March 05, 2019

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

Improper Input Validation

A security feature bypass vulnerability exists in Windows which could

CVE-2019-0631 7.8 - High - March 05, 2019

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.

A security feature bypass vulnerability exists in Windows which could

CVE-2019-0627 7.8 - High - March 05, 2019

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.

A tampering vulnerability exists in PowerShell

CVE-2018-8415 7.8 - High - November 14, 2018

A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Code Injection

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files

CVE-2018-8256 8.8 - High - November 14, 2018

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect

CVE-2018-8292 7.5 - High - October 10, 2018

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

Information Disclosure

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates

CVE-2018-8356 5.5 - Medium - July 11, 2018

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

Improper Certificate Validation

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0

CVE-2018-0875 7.5 - High - March 14, 2018

.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability".

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0

CVE-2018-0764 7.5 - High - January 10, 2018

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CVE-2018-0765.

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0

CVE-2018-0786 7.5 - High - January 10, 2018

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."

Improper Certificate Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Powershell Core or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe