Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via the Microsoft.DiaSymReader.Native.amd64.dll file, when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version...

PT-2023-5059 · Microsoft +1 · Visual Studio +2

Name of the Vulnerable Software and Affected Versions: Visual Studio affected versions not specified Description: The issue is related to insufficient input validation in Visual Studio, which can be exploited to execute arbitrary code. This can allow an attacker to run malicious code on the syste...

CVE-2018-1037

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database PDB files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio...

Security Update for the information disclosure vulnerability in Visual Studio 2010 Service Pack 1 (KB4091346)

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database PDB files. An attacker who exploits the vulnerability could view uninitialized memory from the computer that is used to compile a progra...

Security Update for the information disclosure vulnerability in Visual Studio 2013 Update 5 (KB4089283)

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database PDB files. An attacker who exploits the vulnerability could view uninitialized memory from the computer that is used to compile a progra...