Microsoft: >> Asp.net Core Security Vulnerabilities
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
CVSS Score
9.9
EPSS Score
0.001
Published
2025-10-14
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.161
Published
2025-04-08
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
7.0
EPSS Score
0.001
Published
2025-03-11
.NET Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.022
Published
2024-02-13
.NET Denial of Service Vulnerability
CVSS Score
7.5
EPSS Score
0.017
Published
2024-02-13
ASP.NET Core Security Feature Bypass Vulnerability
CVSS Score
6.2
EPSS Score
0.003
Published
2023-11-14
ASP.NET Core Denial of Service Vulnerability
CVSS Score
8.2
EPSS Score
0.074
Published
2023-11-14
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Known exploited
CVSS Score
7.5
EPSS Score
0.944
Published
2023-10-10
CVE-2023-38180
.NET and Visual Studio Denial of Service Vulnerability
Known exploited
CVSS Score
7.5
EPSS Score
0.009
Published
2023-08-08
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
CVSS Score
6.2
EPSS Score
0.021
Published
2023-08-08
Page 1