VYPR

Asp.net

by Microsoft

Source repositories

CVEs (34)

  • CVE-2020-0603Jan 14, 2020
    risk 0.01cvss epss 0.20

    A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution…

  • CVE-2019-1302Sep 11, 2019
    risk 0.01cvss epss 0.05

    An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'.

  • CVE-2019-0982May 16, 2019
    risk 0.01cvss epss 0.07

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2019-0815Apr 9, 2019
    risk 0.01cvss epss 0.07

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2019-0548Jan 8, 2019
    risk 0.01cvss epss 0.08

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564.

  • CVE-2019-0564Jan 8, 2019
    risk 0.01cvss epss 0.08

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0548.

  • CVE-2010-2088May 27, 2010
    risk 0.01cvss epss 0.09

    ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter.

  • CVE-2010-2084May 27, 2010
    risk 0.01cvss epss 0.13

    Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to an attribute.

  • CVE-2005-2224Jul 12, 2005
    risk 0.01cvss epss 0.18

    aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a crafted SOAP message to an RPC/Encoded method.

  • CVE-2003-0768Sep 22, 2003
    risk 0.01cvss epss 0.13

    Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.

  • CVE-2020-1476Aug 17, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an…

  • CVE-2020-1161May 21, 2020
    risk 0.00cvss epss 0.06

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2020-0602Jan 14, 2020
    risk 0.00cvss epss 0.08

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2019-1075Jul 15, 2019
    risk 0.00cvss epss 0.03

    A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'.

Page 2 of 2