Aspnetcore
by Microsoft
Source repositories
CVEs (40)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36038 | 0.01 | — | 0.03 | Nov 14, 2023 | ASP.NET Core Denial of Service Vulnerability | |||
| CVE-2020-1045 | 0.01 | — | 0.07 | Sep 11, 2020 | A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent… | |||
| CVE-2020-1597 | 0.01 | — | 0.07 | Aug 17, 2020 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without… | |||
| CVE-2019-0820 | 0.01 | — | 0.06 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981. | |||
| CVE-2019-0815 | 0.01 | — | 0.07 | Apr 9, 2019 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | |||
| CVE-2019-0657 | 0.01 | — | 0.05 | Mar 6, 2019 | A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. | |||
| CVE-2019-0545 | 0.01 | — | 0.10 | Jan 8, 2019 | An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET… | |||
| CVE-2019-0548 | 0.01 | — | 0.08 | Jan 8, 2019 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564. | |||
| CVE-2018-8416 | 0.01 | — | 0.07 | Nov 14, 2018 | A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1. | |||
| CVE-2025-24070 | 0.00 | — | 0.01 | Mar 11, 2025 | Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. | |||
| CVE-2024-21386 | 0.00 | — | 0.02 | Feb 13, 2024 | .NET Denial of Service Vulnerability | |||
| CVE-2023-36558 | 0.00 | — | 0.01 | Nov 14, 2023 | ASP.NET Core Security Feature Bypass Vulnerability | |||
| CVE-2023-35391 | 0.00 | — | 0.02 | Aug 8, 2023 | ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability | |||
| CVE-2021-43877 | 0.00 | — | 0.01 | Dec 15, 2021 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | |||
| CVE-2021-34532 | 0.00 | — | 0.01 | Aug 12, 2021 | ASP.NET Core and Visual Studio Information Disclosure Vulnerability | |||
| CVE-2021-1723 | 0.00 | — | 0.05 | Jan 12, 2021 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | |||
| CVE-2020-1108 | 0.00 | — | 0.12 | May 21, 2020 | A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. | |||
| CVE-2019-1301 | 0.00 | — | 0.05 | Sep 11, 2019 | A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'. | |||
| CVE-2019-0980 | 0.00 | — | 0.05 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981. | |||
| CVE-2019-0981 | 0.00 | — | 0.05 | May 16, 2019 | A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980. |
- CVE-2023-36038Nov 14, 2023risk 0.01cvss —epss 0.03
ASP.NET Core Denial of Service Vulnerability
- CVE-2020-1045Sep 11, 2020risk 0.01cvss —epss 0.07
A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names. The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent…
- CVE-2020-1597Aug 17, 2020risk 0.01cvss —epss 0.07
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without…
- CVE-2019-0820May 16, 2019risk 0.01cvss —epss 0.06
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
- CVE-2019-0815Apr 9, 2019risk 0.01cvss —epss 0.07
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
- CVE-2019-0657Mar 6, 2019risk 0.01cvss —epss 0.05
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
- CVE-2019-0545Jan 8, 2019risk 0.01cvss —epss 0.10
An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET…
- CVE-2019-0548Jan 8, 2019risk 0.01cvss —epss 0.08
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564.
- CVE-2018-8416Nov 14, 2018risk 0.01cvss —epss 0.07
A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.
- CVE-2025-24070Mar 11, 2025risk 0.00cvss —epss 0.01
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
- CVE-2024-21386Feb 13, 2024risk 0.00cvss —epss 0.02
.NET Denial of Service Vulnerability
- CVE-2023-36558Nov 14, 2023risk 0.00cvss —epss 0.01
ASP.NET Core Security Feature Bypass Vulnerability
- CVE-2023-35391Aug 8, 2023risk 0.00cvss —epss 0.02
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
- CVE-2021-43877Dec 15, 2021risk 0.00cvss —epss 0.01
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
- CVE-2021-34532Aug 12, 2021risk 0.00cvss —epss 0.01
ASP.NET Core and Visual Studio Information Disclosure Vulnerability
- CVE-2021-1723Jan 12, 2021risk 0.00cvss —epss 0.05
ASP.NET Core and Visual Studio Denial of Service Vulnerability
- CVE-2020-1108May 21, 2020risk 0.00cvss —epss 0.12
A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.
- CVE-2019-1301Sep 11, 2019risk 0.00cvss —epss 0.05
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.
- CVE-2019-0980May 16, 2019risk 0.00cvss —epss 0.05
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.
- CVE-2019-0981May 16, 2019risk 0.00cvss —epss 0.05
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
Page 2 of 2