microsoft asp.net_core CVE 漏洞(39)

CVE 數: 39 CPE versions: View versions table

摘要

本頁列出影響 microsoft asp.net_core 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 12039 CVE 數
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-45591 Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network. [email protected] 7.5 2.43% 2026-06-09 2026-06-29
CVE-2026-40372 Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. [email protected] 9.1 11.21% 2026-04-21 2026-06-27
CVE-2026-26130 Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. [email protected] 7.5 2.82% 2026-03-10 2026-06-29
CVE-2025-55315 Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. [email protected] 9.9 66.26% 2025-10-14 2026-06-17
CVE-2025-26682 Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. [email protected] 7.5 1.38% 2025-04-08 2026-06-17
CVE-2025-24070 Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. [email protected] 7.0 0.91% 2025-03-11 2026-06-17
CVE-2024-21404 .NET Denial of Service Vulnerability [email protected] 7.5 2.71% 2024-02-13 2026-06-17
CVE-2024-21386 .NET Denial of Service Vulnerability [email protected] 7.5 2.39% 2024-02-13 2026-06-17
CVE-2023-36558 ASP.NET Core Security Feature Bypass Vulnerability [email protected] 6.2 1.08% 2023-11-14 2026-06-17
CVE-2023-36038 ASP.NET Core Denial of Service Vulnerability [email protected] 8.2 2.78% 2023-11-14 2026-06-17
CVE-2023-44487 KEV The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. [email protected] 7.5 100.00% 2023-10-10 2026-06-17
CVE-2023-38180 KEV .NET and Visual Studio Denial of Service Vulnerability [email protected] 7.5 15.52% 2023-08-08 2026-06-17
CVE-2023-35391 ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability [email protected] 6.2 1.94% 2023-08-08 2026-06-17
CVE-2021-43877 ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability [email protected] 8.8 0.68% 2021-12-15 2026-06-17
CVE-2021-34532 ASP.NET Core and Visual Studio Information Disclosure Vulnerability [email protected] 5.5 1.12% 2021-08-12 2026-06-16
CVE-2021-1723 ASP.NET Core and Visual Studio Denial of Service Vulnerability [email protected] 7.5 4.91% 2021-01-12 2026-06-16
CVE-2020-1045 <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> [email protected] 7.5 6.62% 2020-09-11 2026-06-16
CVE-2020-1597 A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET C [email protected] 7.5 6.56% 2020-08-17 2026-06-16
CVE-2020-1161 A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. [email protected] 7.5 5.70% 2020-05-21 2026-06-16
CVE-2020-0603 A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'. [email protected] 8.8 19.98% 2020-01-14 2026-06-16
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence