Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Product filter

Aspnetcore Subscribe

Filter

4 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-11770 1 Microsoft 1 Aspnetcore 2019-04-16 5.0
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core...
CVE-2017-8700 1 Microsoft 2 Aspnetcore, Asp.net Core 2018-02-01 5.0
ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".
CVE-2017-11879 1 Microsoft 2 Aspnetcore, Asp.net Core 2018-02-01 4.3
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".
CVE-2017-11883 1 Microsoft 1 Aspnetcore 2017-12-05 5.0
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly handling web requests, aka ".NET CORE Denial Of Service Vulnerability".