Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft asp.net vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0768
Microsoft ASP.Net 1.1 allows remote malicious users to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.
Microsoft Asp.net 1.1
NA
CVE-2010-2088
ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote malicious users to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter.
Microsoft Asp.net 3.5
1 Github repository
7.5
CVSSv3
CVE-2020-1597
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without auth...
Microsoft Asp.net Core 2.1
Microsoft Asp.net Core 3.1
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
Fedoraproject Fedora 32
Fedoraproject Fedora 33
8.8
CVSSv3
CVE-2017-11879
ASP.NET Core 2.0 allows an malicious user to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 2.0
8.8
CVSSv3
CVE-2018-0784
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0808.
Microsoft Asp.net Core 2.0
6.5
CVSSv3
CVE-2018-0785
ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".
Microsoft Asp.net Core 2.0
1 Article
7.5
CVSSv3
CVE-2019-0815
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
Microsoft Asp.net Core 2.2
1 Article
7.5
CVSSv3
CVE-2024-21386
.NET Denial of Service Vulnerability
Microsoft Asp.net Core
Microsoft Visual Studio 2022
7.5
CVSSv3
CVE-2024-21404
.NET Denial of Service Vulnerability
Microsoft Asp.net Core
Microsoft Visual Studio 2022
7.5
CVSSv3
CVE-2018-8409
A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.
Microsoft .net Core
Microsoft Asp.net Core
Microsoft System.io.pipelines 4.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »