Published: 10/01/2018 Updated: 01/02/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft asp.net core 2.0

Don't just grab your CPU bug updates – there's a nasty hole in Office, too

The Register • Shaun Nichols in San Francisco • 09 Jan 2018

It's 2018 and a Word doc can still pwn your Windows computer

Patch Tuesday In case you've been hiding under a rock for the entirety of this new year (and we don't blame you if you have) there are a handful of major security flaws that have been dominating the news, and feature prominently in this month's Patch Tuesday update load. First, let's look at the latest developments in the Meltdown/Spectre saga: Nvidia has got around to kicking out graphics driver updates that address the Spectre flaws present in its code – for example, here are some patches fo...

CVE-2018-0785

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect