Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft asp.net core vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-43877
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
Microsoft Asp.net Core 3.1
Microsoft Asp.net Core 5.0
Microsoft Visual Studio 2019 16.7
Microsoft Visual Studio 2019 16.9
Microsoft Visual Studio 2019 16.11
Microsoft Visual Studio 2022 17.0
Microsoft Asp.net Core 6.0
8.8
CVSSv3
CVE-2020-0603
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execu...
Microsoft Asp.net Core 2.1
Microsoft Asp.net Core 3.0
Microsoft Asp.net Core 3.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
2 Articles
8.8
CVSSv3
CVE-2019-1302
An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.
Microsoft Asp.net Core 2.1
Microsoft Asp.net Core 3.0
Microsoft Asp.net Core 2.2
2 Github repositories
1 Article
8.8
CVSSv3
CVE-2018-0787
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 2.0
Microsoft Asp.net Core 1.1
8.8
CVSSv3
CVE-2018-0784
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
Microsoft Asp.net Core 2.0
8.8
CVSSv3
CVE-2017-11879
ASP.NET Core 2.0 allows an malicious user to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 2.0
7.5
CVSSv3
CVE-2024-21404
.NET Denial of Service Vulnerability
Microsoft Asp.net Core
Microsoft Visual Studio 2022
7.5
CVSSv3
CVE-2024-21386
.NET Denial of Service Vulnerability
Microsoft Asp.net Core
Microsoft Visual Studio 2022
7.5
CVSSv3
CVE-2023-36038
ASP.NET Core Denial of Service Vulnerability
Microsoft Visual Studio 2022
Microsoft Asp.net Core 8.0.0
1 Article
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »