Re: .NET 4.0.30319
Looking at the CVE's, are you looking for remotely exploitable with remote code execution or authentication bypass?
Many of the ASA vulnerabilities result in DoS or device reloads, but do not allow remote access or remote code execution (i.e. the equivalent of the BlueKeep vulnerability in 2019 or CredSSP in 2018).
While I'm not disputing these are vulnerabilities, they result in "fail closed" scenarios from a risk perspective versus the "fail open" vulnerabilities with RDP which makes your statements around Microsoft being more secure than Cisco difficult to justify.