Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft asp.net core 1.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-8700
ASP.NET Core 1.0, 1.1, and 2.0 allow an malicious user to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
1 Article
8.8
CVSSv3
CVE-2018-0787
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
7.5
CVSSv3
CVE-2018-0808
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
1 Article
7.5
CVSSv3
CVE-2018-8171
A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
Microsoft Asp.net Webpages 3.2.3
Microsoft Asp.net Model View Controller 5.2
5.5
CVSSv3
CVE-2018-8356
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Fr...
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft Powershell Core 6.1
Microsoft Powershell Core 6.0
Microsoft .net Core 2.0
Microsoft .net Core 1.0
Microsoft .net Core 1.1
Microsoft .net Framework Developer Pack 4.7.2
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
6.5
CVSSv3
CVE-2018-0785
ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".
Microsoft Asp.net Core 2.0
1 Article
8.8
CVSSv3
CVE-2018-0784
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
Microsoft Asp.net Core 2.0
7.5
CVSSv3
CVE-2017-0247
A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc ...
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.0
Microsoft Microsoft.aspnetcore.mvc.cors 1.1.0
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.2
Microsoft Microsoft.aspnetcore.mvc.localization 1.1.1
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.0.3
Microsoft Microsoft.aspnetcore.mvc.taghelpers 1.0.3
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.1
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.2
Microsoft Microsoft.aspnetcore.mvc.formatters.xml 1.1.1
Microsoft Microsoft.aspnetcore.mvc.webapicompatshim 1.0.3
Microsoft Microsoft.aspnetcore.mvc.dataannotations 1.1.1
Microsoft System.net.security 4.0.0
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.0.2
Microsoft System.text.encodings.web 4.0.0
Microsoft Microsoft.aspnetcore.mvc.razor 1.1.0
Microsoft Microsoft.aspnetcore.mvc.razor.host 1.1.0
Microsoft Microsoft.aspnetcore.mvc.razor 1.0.0
Microsoft Microsoft.aspnetcore.mvc.localization 1.0.2
Microsoft Microsoft.aspnetcore.mvc.viewfeatures 1.1.2
Microsoft Microsoft.aspnetcore.mvc.razor 1.0.3
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.3
Microsoft Microsoft.aspnetcore.mvc.formatters.xml 1.0.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started