Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft asp.net vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2020-1460
<p>A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform act...
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
NA
CVE-2005-0509
Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote malicious users to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, inc...
Mono Mono 1.0.5
Microsoft .net Framework 1.1
Microsoft .net Framework 1.0
7.5
CVSSv3
CVE-2022-21986
.NET Denial of Service Vulnerability
Microsoft Visual Studio 2019
Microsoft .net
Microsoft Visual Studio 2022
Fedoraproject Fedora 34
Fedoraproject Fedora 35
2 Github repositories
NA
CVE-2009-2504
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and ...
Microsoft Windows 2003 Server
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft Internet Explorer 6
Microsoft Report Viewer 2008
Microsoft Sql Server Reporting Services 2000
Microsoft Sql Server 2005
Microsoft Report Viewer 2005
Microsoft Expression Web
Microsoft Project 2002
Microsoft Office Powerpoint Viewer 2007
Microsoft Office Excel Viewer
Microsoft Office Word Viewer
Microsoft Office Compatibility Pack 2007
Microsoft Office 2007
Microsoft Excel Viewer 2003
Microsoft Expression Web 2
Microsoft Visio 2002
Microsoft Office Powerpoint Viewer
NA
CVE-2011-3414
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Xp Sp3
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows Vista -
Microsoft Windows Vista
1 Github repository
NA
CVE-2006-3436
Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving "ASP.NET controls that set the AutoPostBack property to true".
Microsoft .net Framework 2.0
NA
CVE-2009-3830
The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote malicious users to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.
Microsoft Sharepoint Server 2007
1 EDB exploit
NA
CVE-2006-1300
Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote malicious users to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name.&q...
Microsoft .net Framework 2.0
NA
CVE-2011-1068
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x prior to 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote malicious users to obtain potentially s...
Microsoft Windows Azure Sdk 1.3
NA
CVE-2009-4444
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote malicious users to bypass intended extension restrictions of third-party upload applications via a f...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Services 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »