Lucene search
K
MicrosoftAsp.net Model View Controller

5 matches found

CVE
CVE
added 2018/07/11 12:0 a.m.679 views

CVE-2018-8171

CVE-2018-8171 is a Security Feature Bypass in ASP.NET where the system fails to validate the number of incorrect login attempts. Affected components include ASP.NET, ASP.NET Core 1.x (1.0–1.1), and ASP.NET MVC 5.2. The root cause is improper login attempt validation, enabling an attacker to repea...

7.5CVSS7.3AI score0.09832EPSS
CVE
CVE
added 2014/10/15 10:0 a.m.148 views

CVE-2014-4075

CVE-2014-4075 is an XSS vulnerability affecting System.Web.Mvc.dll in Microsoft ASP.NET MVC versions 2.0–5.1. Remote attackers could inject arbitrary script or HTML via crafted pages. The vulnerability arises from how user input is encoded/handled in ASP.NET MVC, per the NVD description. Mitigati...

4.3CVSS4.9AI score0.2016EPSS
CVE
CVE
added 2017/05/12 2:0 p.m.103 views

CVE-2017-0256

CVE-2017-0256 describes a spoofing vulnerability in ASP.NET Core due to improper sanitization/validation of web requests. Affected: Microsoft ASP.NET Core (and IBM Bluemix deployments of ASP.NET Core). Underlying issue: input not properly filtered, enabling spoofing scenarios. Impact per sources ...

5.3CVSS5.4AI score0.03542EPSS
CVE
CVE
added 2017/05/12 2:0 p.m.101 views

CVE-2017-0247

The CVE affects Microsoft ASP.NET Core: a DoS vulnerability caused by improper validation of web requests in the TextEncoder.EncodeCore function. It applies to ASP.NET Core Mvc before 1.0.4 and 1.1.x before 1.1.3, where remote attackers could trigger DoS by exploiting incorrect calculation of the...

7.5CVSS7.2AI score0.16911EPSS
CVE
CVE
added 2017/05/12 2:0 p.m.101 views

CVE-2017-0249

CVE-2017-0249 affects Microsoft ASP.NET Core. A vulnerability in which ASP.NET Core fails to properly sanitize web requests could allow elevation of privileges. Reported CVSS v3 base score 7.3 (HIGH) with NETWORK attack vector, LOW confidentiality/integrity/availability impact. Connected IBM bull...

7.5CVSS7.2AI score0.04134EPSS