Search CVE reports
1 – 10 of 53 results
CVE-2025-21176
Medium prioritySome fixes available 4 of 6
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability: Insufficient input data validation leads to heap-based buffer overflow in msdia140.dll. An attacker could exploit this vulnerability by loading a...
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2025-21173
Medium prioritySome fixes available 4 of 6
.NET Elevation of Privilege Vulnerability: Insecure Temp File Usage Allows Malicious Package Dependency Injection on Linux. An attacker could exploit this vulnerability to writing a specially crafted file in the security...
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2025-21172
Medium prioritySome fixes available 4 of 6
.NET and Visual Studio Remote Code Execution Vulnerability: Integer overflow in msdia140.dll leads to heap-based buffer overflow, leading to possible RCE. An attacker could exploit this vulnerability by loading a specially crafted...
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2025-21171
Medium prioritySome fixes available 1 of 2
.NET Remote Code Execution Vulnerability: Buffer overrun in Convert.TryToHexString. An attacker could exploit this vulnerability by sending a specially crafted request to the vulnerable web server.
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Not affected | Not affected | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2024-43499
Medium prioritySome fixes available 1 of 2
.NET and Visual Studio Denial of Service Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Not affected | Not affected | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2024-43498
Medium prioritySome fixes available 1 of 2
.NET and Visual Studio Remote Code Execution Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Not affected | Not affected | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2024-43485
Medium prioritySome fixes available 4 of 5
.NET and Visual Studio Denial of Service Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2024-43484
Medium prioritySome fixes available 4 of 5
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2024-43483
Medium prioritySome fixes available 4 of 5
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Fixed | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2024-38229
Medium prioritySome fixes available 3 of 4
.NET and Visual Studio Remote Code Execution Vulnerability
4 affected packages
dotnet6, dotnet7, dotnet8, dotnet9
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dotnet6 | Not in release | Not affected | Not in release | Not in release | Not in release |
| dotnet7 | Not in release | Ignored | Not in release | Not in release | Not in release |
| dotnet8 | Fixed | Fixed | Not in release | Not in release | Not in release |
| dotnet9 | Not in release | Not in release | Not in release | Not in release | Not in release |