CVSS: 7.8EPSS: 17%CPEs: 8EXPL: 2CVE-2017-0160 – Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-0160
12 Apr 2017 — Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability." Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 y 4.7 permite a un atacante con acceso al sistema local ejecutar código malicioso, vulnerabilidad también conocida como ".NET Remote Code Execution Vulnerability". Microsoft Windows suffers from a ManagementObject arbitrary .NET serialization remote code exe... • https://packetstorm.news/files/id/142198 •
CVSS: 7.5EPSS: 37%CPEs: 1EXPL: 0CVE-2016-7270
https://notcve.org/view.php?id=CVE-2016-7270
20 Dec 2016 — The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 mishandles a developer-supplied key, which allows remote attackers to bypass the Always Encrypted protection mechanism and obtain sensitive cleartext information by leveraging key guessability, aka ".NET Information Disclosure Vulnerability." El Data Provider para SQL Server en Microsoft .NET Framework 4.6.2 no maneja correctamente una clave proporcionada por el desarrollador, lo que permite a atacantes remotos eludir el mecanismo de protecc... • http://www.securityfocus.com/bid/94741 • CWE-310: Cryptographic Issues •