Privilege escalation

An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege Vulnerability'...

CVE-2019-1414

CVE-2019-1414 affects Visual Studio Code. A local elevation-of-privilege vulnerability arises when VS Code exposes a debug listener/port to the local user, allowing code injection in the user context. Affected versions are generally prior to 1.39.1; remediation is to update VS Code to 1.39.1 or l...

CVE-2019-1414

An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege Vulnerability'...

CVE-2019-1414

An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka ‘Visual Studio Code Elevation of Privilege Vulnerability’. Recent assessments: goodlandsecurity at May 20, 2020 2:28am UTC reported: Vulnerability: An elevation ...

Security Update for Microsoft Visual Studio Code (CVE-2019-1414)

The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.39.1. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer. A...

Unspecified Vulnerability in Microsoft Visual Studio Code

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio Code, which can be exploited by an attacker to execute arbitrary code as a user...

CVE-2019-16765

If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...

CVE-2019-16765

If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...

Design/Logic Flaw

If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...

CVE-2019-16765

Vulnerability CVE-2019-16765 affects the Visual Studio Code CodeQL extension. Opening a specially prepared directory tree as a workspace while the extension is active can lead to arbitrary code execution on the user’s behalf. The issue is fixed in CodeQL extension version 1.0.1; upgrade via VS Co...

CVE-2019-16765

If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...

Visual Studio Code Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer. A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user. If the current user is logged on...

KLA11585 Visual Studio Code Elevation of Privilege Vulnerability

An elevation of privilege vulnerability in Visual Studio Code can be exploited remotely to gain privileges. Original advisories CVE-2019-1414 Related products Microsoft-Visual-Studio CVE list CVE-2019-1414 high KB list Solution Install necessary updates from the KB section, that are listed in you...

Microsoft Visual Studio Code CVE-2019-1414 Local Privilege Escalation Vulnerability

Description Microsoft Visual Studio Code is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio Code Recommendations Permit local access for trusted individuals only. Where possible, us...

Microsoft Visual Studio Code Installed (Windows)

Binary data microsoftvisualstudiocodewinuserinstalled.nbin...

Microsoft Visual Studio Code Installed (Linux)

Binary data microsoftvisualstudiocodelinuxinstalled.nbin...

Node.js third-party modules: Trojan:JS/CoinMiner in npm files

Hello, I am a front end developer and use Vue.js and Visual Studio Code and have had an issue recently with scripts not running in my terminal so decided to fault find. All programmes that I can think of are up to date, and today I decided to do a full windows defender scan and found the above...

Microsoft Visual Studio Code Detection (Windows SMB Login)

This script detects the installed version of Microsoft Visual Studio Code for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Visual Studio Code < 1.32 RCE Vulnerability

This host is missing an important security update according to Microsoft Security Update March 2019. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2019-0728

CVE-2019-0728 describes a remote code execution vulnerability in Visual Studio Code: if the editor processes environment variables when a project is opened, an attacker could run arbitrary code in the current user context. Exploitation requires user action to clone a repository and open it in VS ...