Visual Studio 2019 Security Vulnerabilities

CVE-2022-35826

Visual Studio Remote Code Execution...

CVE-2022-35825

Visual Studio Remote Code Execution...

CVE-2022-35777

Visual Studio Remote Code Execution...

CVE-2022-34716

.NET Spoofing...

CVE-2022-30184

.NET and Visual Studio Information Disclosure...

CVE-2022-29145

.NET and Visual Studio Denial of Service...

CVE-2022-29117

.NET and Visual Studio Denial of Service...

CVE-2022-23267

.NET and Visual Studio Denial of Service...

CVE-2022-24513

Visual Studio Elevation of Privilege...

CVE-2022-24767

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user...

CVE-2022-24512

.NET and Visual Studio Remote Code Execution...

CVE-2022-24464

.NET and Visual Studio Denial of Service...

CVE-2022-21986

.NET Denial of Service...

CVE-2022-21871

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege...

CVE-2021-43877

ASP.NET Core and Visual Studio Elevation of Privilege...

CVE-2021-42319

Visual Studio Elevation of Privilege...

CVE-2021-42277

Diagnostics Hub Standard Collector Elevation of Privilege...

CVE-2021-41355

.NET Core and Visual Studio Information Disclosure...

CVE-2021-36952

Visual Studio Remote Code Execution...

CVE-2021-26434

Visual Studio Elevation of Privilege...

CVE-2021-34485

.NET Core and Visual Studio Information Disclosure...

CVE-2021-34532

ASP.NET Core and Visual Studio Information Disclosure...

CVE-2021-26423

.NET Core and Visual Studio Denial of Service...

CVE-2021-31957

ASP.NET Core Denial of Service...

CVE-2021-31204

.NET and Visual Studio Elevation of Privilege...

CVE-2021-27068

Visual Studio Remote Code Execution...

CVE-2021-28322

Diagnostics Hub Standard Collector Service Elevation of Privilege...

CVE-2021-28313

Diagnostics Hub Standard Collector Service Elevation of Privilege...

CVE-2021-28321

Diagnostics Hub Standard Collector Service Elevation of Privilege...

CVE-2021-27064

Visual Studio Installer Elevation of Privilege...

CVE-2021-24112

.NET Core Remote Code Execution...

CVE-2021-26701

.NET Core Remote Code Execution...

CVE-2021-1639

Visual Studio Code Remote Code Execution...

CVE-2021-1721

.NET Core and Visual Studio Denial of Service...

CVE-2021-1723

ASP.NET Core and Visual Studio Denial of Service...

CVE-2021-1680

Diagnostics Hub Standard Collector Elevation of Privilege...

CVE-2021-1651

Diagnostics Hub Standard Collector Elevation of Privilege...

CVE-2020-17156

Visual Studio Remote Code Execution...

CVE-2020-17100

Visual Studio Tampering...

CVE-2020-26870

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM...

CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

CVE-2020-1130

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially...

CVE-2020-1133

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially...

CVE-2020-16874

A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an...

CVE-2020-16856

A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an...

CVE-2020-1597

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A...

CVE-2020-1416

An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege...

CVE-2020-1393

An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from...

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution...

CVE-2020-1293

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257,...