CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1337 matches found

Positive Technologies•added 2021/11/09 12:0 a.m.•2 views

PT-2021-5162 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to insecure privilege management in Visual Studio Code. Exploitation of this issue may allow an attacker to elevate their privileges. Recommendations: At the...

7.8CVSS7.4AI score0.00243EPSS

Exploits0References5

BDU FSTEC•added 2021/10/13 12:0 a.m.•1 views

The vulnerability of Visual Studio Code’s source editor lies in its insecure handling of privileges, allowing attackers to elevate their privileges.

The vulnerability of Visual Studio Code’s source editor is related to the insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00257EPSS

Exploits0References2

Tenable Nessus•added 2021/09/16 12:0 a.m.•37 views

Security Update for Microsoft Visual Studio Code (September 2021)

The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.59.1. It is, therefore, affected by code spoofing vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300...

5.5CVSS6.5AI score0.03766EPSS

Exploits0References2

OSV•added 2021/09/15 12:15 p.m.•3 views

CVE-2021-26437

Visual Studio Code Spoofing Vulnerability...

5.5CVSS7.1AI score0.03766EPSS

Exploits0References1

NVD•added 2021/09/15 12:15 p.m.•16 views

CVE-2021-26437

Visual Studio Code Spoofing Vulnerability...

5.5CVSS0.03766EPSS

Exploits0References1

Prion•added 2021/09/15 12:15 p.m.•18 views

Spoofing

Visual Studio Code Spoofing Vulnerability...

4.3CVSS4.3AI score0.03766EPSS

Exploits0References1

Vulnrichment•added 2021/09/15 11:23 a.m.•21 views

CVE-2021-26437 Visual Studio Code Spoofing Vulnerability

...

5.5CVSS6.8AI score0.03766EPSS

Exploits0References1

CVE•added 2021/09/15 11:23 a.m.•98 views

CVE-2021-26437

CVE-2021-26437 concerns a spoofing vulnerability in Microsoft Visual Studio Code. The available documents describe a UI spoofing issue in VS Code with a local attack vector, requiring user interaction, and separate risk details. A remediation referenced by a Nessus plugin indicates updating to Vi...

5.5CVSS5.8AI score0.03766EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/09/15 11:23 a.m.•25 views

CVE-2021-26437 Visual Studio Code Spoofing Vulnerability

...

5.5CVSS6AI score0.03766EPSS

Exploits0References1

Microsoft CVE•added 2021/09/14 7:0 a.m.•76 views

Visual Studio Code Spoofing Vulnerability

...

5.5CVSS5AI score0.03766EPSS

Exploits0

CNNVD•added 2021/09/14 12:0 a.m.•5 views

Microsoft Visual Studio Code 安全漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in microsoft Visual Studio. The following products and versions are affected: Visual Studio Code...

5.5CVSS6.6AI score0.03766EPSS

Exploits0References4

Positive Technologies•added 2021/09/14 12:0 a.m.•3 views

PT-2021-6962 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can allow an attacker to conduct spoofing attacks. There is also a mention of a...

5.5CVSS6.4AI score0.03766EPSS

Exploits0References6

Kaspersky•added 2021/09/14 12:0 a.m.•31 views

KLA12285 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Visual Studio can be...

7.8CVSS7.9AI score0.20115EPSS

Exploits0References5

Veracode•added 2021/09/08 6:12 a.m.•22 views

Denial Of Service (DoS)

xen is vulnerable to denial of service. The unofficial MATLAB extension for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings...

9.8CVSS7.3AI score0.01232EPSS

Exploits0References6Affected Software1

CNVD•added 2021/08/03 12:0 a.m.•19 views

Microsoft Visual Studio Code Command Injection Vulnerability (CNVD-2021-61415)

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Visual Studio Code versions prior to 1.3.0, which stems from a problem with Visual Studio Code's unofficial vcode -phpmd aka PHP Mess Detector extension. The vulnerability can be...

9.8CVSS9.6AI score0.02739EPSS

Exploits0References1

OSV•added 2021/07/30 2:15 p.m.•14 views

CVE-2021-30124

The unofficial vscode-phpmd aka PHP Mess Detector extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace folder...

9.8CVSS8.1AI score

Exploits0References3

CNNVD•added 2021/07/30 12:0 a.m.•3 views

Microsoft Visual Studio Code 命令注入漏洞

9.8CVSS6.2AI score0.02739EPSS

Exploits0References3

CVE•added 2021/07/29 10:27 a.m.•52 views

CVE-2021-30124

The CVE-2021-30124 issue affects the vscode-phpmd (PHP Mess Detector) extension for Visual Studio Code, specifically versions 1.3.0 and earlier. The root cause is a crafted phpmd.command value within a workspace folder that enables remote code execution. This results in arbitrary code execution w...

9.8CVSS9.7AI score0.02739EPSS

Exploits0References3Affected Software1

ArchLinux•added 2021/07/20 12:0 a.m.•133 views

[ASA-202107-34] code: arbitrary code execution

Arch Linux Security Advisory ASA-202107-34 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-31211 CVE-2021-31214 Package : code Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1963 Summary ======= The package co...

9.3CVSS2.6AI score0.09473EPSS

Exploits0References9

Zero Day Initiative•added 2021/07/19 12:0 a.m.•53 views

Microsoft Visual Studio Code maven.executable.options Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio Code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.15876EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by