CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1219 matches found

Microsoft CVE•added 2020/07/14 7:0 a.m.•35 views

Visual Studio Code ESLint Extension Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when it validates source code after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on...

9.3CVSS2.5AI score0.40495EPSS

Exploits2

Microsoft CVE•added 2020/07/14 7:0 a.m.•60 views

Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies. A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user. If the current user is logged on with...

9.3CVSS3.2AI score0.09872EPSS

Exploits0

Tenable Nessus•added 2020/07/14 12:0 a.m.•82 views

Security Update for Microsoft Visual Studio Code (CVE-2020-1416)

The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.47.1. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies. A local...

9.3CVSS8.7AI score0.09872EPSS

Exploits0References3

Kaspersky•added 2020/07/14 12:0 a.m.•38 views

KLA11861 Multiple vulnerabilities in Microsoft Products (OSS)

Multiple vulnerabilities were found in Microsoft Products Open Source Software. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Bond can be exploited remotely via...

9.3CVSS8.9AI score0.09872EPSS

Exploits0References4

Positive Technologies•added 2020/07/14 12:0 a.m.•3 views

PT-2020-3300 · Microsoft · Visual Studio Code Eslint Extension

Name of the Vulnerable Software and Affected Versions: ESLint extension for Visual Studio Code affected versions not specified Description: A remote code execution issue exists in the ESLint extension for Visual Studio Code. This occurs when the extension validates source code after a project is...

9.3CVSS8.5AI score0.40495EPSS

Exploits2References4

Positive Technologies•added 2020/07/14 12:0 a.m.•2 views

PT-2020-3185 · Microsoft · Visual Studio Code +1

Name of the Vulnerable Software and Affected Versions: Visual Studio affected versions not specified Visual Studio Code affected versions not specified Description: The issue is related to an elevation of privilege vulnerability when loading software dependencies. This vulnerability can allow an...

9.3CVSS9.1AI score0.09872EPSS

Exploits0References5

Kaspersky•added 2020/07/14 12:0 a.m.•242 views

KLA11859 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Diagnostics Hub...

9.3CVSS8.5AI score0.9343EPSS

Exploits12References30

Tenable Nessus•added 2020/06/23 12:0 a.m.•38 views

Security Update for Microsoft Visual Studio Code Live Share Extension (June 2020)

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text. To exploit the vulnerability, an attacker would need to perform a successful capture of the tokens from client to proxy, where specific proxy settings are being used,...

5.9CVSS6.9AI score0.03617EPSS

Exploits0References4

CVE•added 2020/06/22 3:11 p.m.•61 views

CVE-2020-13279

CVE-2020-13279 concerns a vulnerability in the GitLab GitLab-vscode-extension, specifically version v2.2.0 , described as a client-side code execution issue that could allow an attacker to run code on a user’s system. Connected sources corroborate the affected product and scenario, with CVSS metr...

8.6CVSS8.8AI score0.00158EPSS

Exploits0References2Affected Software1

CNVD•added 2020/06/10 12:0 a.m.•11 views

Microsoft Visual Studio Code Information Disclosure Vulnerability

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. An information disclosure vulnerability exists in Microsoft Visual Studio Code. An attacker can exploit this vulnerability to obtain a token by performing a man-in-the-middle attack...

5.9CVSS6.2AI score0.03617EPSS

Exploits0References1

NVD•added 2020/06/09 8:15 p.m.•15 views

CVE-2020-1343

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'...

5.9CVSS0.03617EPSS

Exploits0References1

Prion•added 2020/06/09 8:15 p.m.•11 views

Information disclosure

5CVSS5.5AI score0.03617EPSS

Exploits0References1

CVE•added 2020/06/09 7:44 p.m.•72 views

CVE-2020-1343

Technical details about CVE-2020-1343 are not provided in the connected documents; public information appears limited to the basic description of an information disclosure in Visual Studio Code Live Share. Monitor for updates.

5.9CVSS6.1AI score0.03617EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/06/09 7:44 p.m.•14 views

CVE-2020-1343

5.6AI score0.03617EPSS

Exploits0References1

Microsoft CVE•added 2020/06/09 7:0 a.m.•16 views

Visual Studio Code Live Share Information Disclosure Vulnerability

5.9CVSS1.9AI score0.03617EPSS

Exploits0

Kaspersky•added 2020/06/09 12:0 a.m.•32 views

KLA11812 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Diagnostic Hub...

7.8CVSS7.4AI score0.03617EPSS

Exploits1References15

OSV•added 2020/05/21 11:15 p.m.•1 views

CVE-2020-1192

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...

7.8CVSS7.7AI score0.41223EPSS

Exploits1References1

NVD•added 2020/05/21 11:15 p.m.•21 views

CVE-2020-1192

9.3CVSS8.5AI score0.41223EPSS

Exploits1References1

OSV•added 2020/05/21 11:15 p.m.•1 views

CVE-2020-1171

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192...

8.8CVSS7.7AI score0.35831EPSS

Exploits1References1

NVD•added 2020/05/21 11:15 p.m.•15 views

CVE-2020-1171

9.3CVSS8.2AI score0.35831EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by