Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft asp.net core vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-0785
ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".
Microsoft Asp.net Core 2.0
1 Article
5
CVSSv2
CVE-2017-8700
ASP.NET Core 1.0, 1.1, and 2.0 allow an malicious user to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
1 Article
4.3
CVSSv2
CVE-2017-11879
ASP.NET Core 2.0 allows an malicious user to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 2.0
5
CVSSv2
CVE-2017-0256
A spoofing vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
Microsoft Asp.net Model View Controller 1.0.0
Microsoft Asp.net Model View Controller 1.0.2
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.0.0
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.0.2
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.0
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.2
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.1.0
Microsoft Asp.net Model View Controller 1.1.0
Microsoft Asp.net Model View Controller 1.1.2
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.1
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.2
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.0
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.1
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.0
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.1
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.2
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.3
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.0.3
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.0
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.1
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.2
Microsoft Microsoft.aspnetcore.mvc.localization 1.1.2
2 Github repositories
5
CVSSv2
CVE-2017-0247
A denial of service vulnerability exists when the ASP.NET Core fails to properly validate web requests. NOTE: Microsoft has not commented on third-party claims that the issue is that the TextEncoder.EncodeCore function in the System.Text.Encodings.Web package in ASP.NET Core Mvc ...
Microsoft Asp.net Model View Controller 1.1.0
Microsoft Asp.net Model View Controller 1.1.1
Microsoft Asp.net Model View Controller 1.1.2
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.0.0
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.1.2
Microsoft Asp.net Model View Controller 1.0.0
Microsoft Asp.net Model View Controller 1.0.1
Microsoft Asp.net Model View Controller 1.0.2
Microsoft Microsoft.aspnetcore.mvc.dataannotations 1.0.2
Microsoft Microsoft.aspnetcore.mvc.dataannotations 1.0.3
Microsoft Microsoft.aspnetcore.mvc.dataannotations 1.1.0
Microsoft Microsoft.aspnetcore.mvc.dataannotations 1.1.1
Microsoft Microsoft.aspnetcore.mvc.formatters.xml 1.1.1
Microsoft Microsoft.aspnetcore.mvc.formatters.xml 1.1.2
Microsoft Microsoft.aspnetcore.mvc.localization 1.0.0
Microsoft Microsoft.aspnetcore.mvc.localization 1.0.1
Microsoft Microsoft.aspnetcore.mvc.razor.host 1.0.0
Microsoft Microsoft.aspnetcore.mvc.razor.host 1.0.1
Microsoft Microsoft.aspnetcore.mvc.razor.host 1.0.2
Microsoft Microsoft.aspnetcore.mvc.razor.host 1.0.3
Microsoft Microsoft.aspnetcore.mvc.razor.host 1.1.0
Microsoft Microsoft.aspnetcore.mvc.viewfeatures 1.0.3
1 Github repository
7.5
CVSSv2
CVE-2017-0249
An elevation of privilege vulnerability exists when the ASP.NET Core fails to properly sanitize web requests.
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.0
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.1
Microsoft Microsoft.aspnetcore.mvc.abstractions 1.1.2
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.0
Microsoft Microsoft.aspnetcore.mvc.apiexplorer 1.0.1
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.0
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.1
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.2
Microsoft Microsoft.aspnetcore.mvc.cors 1.0.3
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.0.3
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.0
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.1
Microsoft Microsoft.aspnetcore.mvc.formatters.json 1.1.2
Microsoft Microsoft.aspnetcore.mvc.localization 1.1.2
Microsoft Microsoft.aspnetcore.mvc.razor 1.0.0
Microsoft Microsoft.aspnetcore.mvc.razor 1.0.1
Microsoft Microsoft.aspnetcore.mvc.razor 1.0.2
Microsoft Microsoft.aspnetcore.mvc.taghelpers 1.0.1
Microsoft Microsoft.aspnetcore.mvc.taghelpers 1.0.2
Microsoft Microsoft.aspnetcore.mvc.taghelpers 1.0.3
Microsoft Microsoft.aspnetcore.mvc.taghelpers 1.1.0
Microsoft Microsoft.aspnetcore.mvc.taghelpers 1.1.1
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4