1333 matches found
Microsoft Visual Studio Code 安全漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio Code. An attacker exploits the vulnerability to perform spoofing attacks...
KLA49157 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in SysInternals Sysmon for Windows can be...
Visual Studio Code Server Files Detected
Visual Studio Code is a popular source-code editor provided by Microsoft, with extensions offering a variety of extra functionality including remote workspace access via ssh. Use of this remote workflow creates a hidden directory named .vscode-server on the remote server which may be exposed with...
Microsoft Visual Studio Code < 1.77.2 RCE
The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.77.2 It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for...
CVE-2023-24893
Visual Studio Code Remote Code Execution Vulnerability...
Remote code execution
Visual Studio Code Remote Code Execution Vulnerability...
CVE-2023-24893 Visual Studio Code Remote Code Execution Vulnerability
...
CVE-2023-24893 Visual Studio Code Remote Code Execution Vulnerability
...
CVE-2023-24893
CVE-2023-24893 affects Visual Studio Code; versions prior to 1.77.2 are vulnerable to remote code execution. An attacker could bypass authentication and execute arbitrary commands. Remediation: update VS Code to 1.77.2 or later per Nessus plugin details. Other sources corroborate RCE vectors for ...
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The sophisticated typosquatting campaign, which was uncovered by JFrog late last month,...
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The sophisticated typosquatting campaign, which was uncovered by JFrog late last month,...
Visual Studio Code Remote Code Execution Vulnerability
...
KLA48843 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...
Microsoft Visual Studio Code 安全漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio Code. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor announcement...
PT-2023-2432 · Microsoft +1 · Visual Studio +2
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio affected versions not specified Microsoft Visual Studio Code affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Visual Studio, which can allow an attacker to...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in Microsoft Developer Tools. A malicious party could exploit the vulnerabilities to gain access to sensitive data, obtain elevated privileges or execute arbitrary code. To do so the malicious party must have access to a system on which the vulnerable...
Xxe
Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28681
Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28681
Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
PT-2023-21900 · Jenkins · Jenkins Visual Studio Code Metrics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Visual Studio Code Metrics Plugin versions 1.7 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows attackers who can control VS Code Metrics File...