CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Microsoft: >> Asp.net Core Security Vulnerabilities

CVE-2018-0785

ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Site Request Forgery Vulnerability".

CVSS Score

6.5

EPSS Score

0.02

Published

2018-01-10

CVE-2017-8700

ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".

CVSS Score

7.5

EPSS Score

0.214

Published

2017-11-15

CVE-2017-11879

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability".

CVSS Score

8.8

EPSS Score

0.057

Published

2017-11-15

Page 4

Vulnerabilities

Vulnerable Software

Microsoft: >> Asp.net Core Security Vulnerabilities

Products

Pricing

Contact Us