1373 matches found
Vulnerabilities fixed in Microsoft Developer Tools
Vulnerabilities have been fixed in Windows Developer Tools. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Impersonating another user Access to sensitive data Increased use...
KLA12146 RCE vulnerability in Microsoft Developer tools
A remote code execution vulnerability was found in Microsoft Developer tools. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-28448 Related products Microsoft-Visual-Studio CVE list CVE-2021-28448 critical KB list Solution Install necessary...
Security Update for Microsoft Visual Studio Code Maven for Java Extension (April 2021)
The Microsoft Visual Studio Code Maven for Java Extension is prior to version 0.29.0. It is, therefore, affected by a remote code execution vulnerability. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system...
Security Update for Microsoft Visual Studio Code Kubernetes Tools Extension (April 2021)
The Microsoft Visual Studio Code Kubernetes Tools Extension is prior to version 1.3.0. It is, therefore, affected by a remote code execution vulnerability. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the syste...
Microsoft Visual Studio Code 代码注入漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. Visual Studio Code code injection vulnerability. No details of the vulnerability are provided at this time...
Microsoft Visual Studio Code 代码注入漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A code injection vulnerability exists in the Microsoft Visual Studio Code Kubernetes Tool Extension, which can be exploited by an attacker to remotely execute code vulnerability...
Security Update for Microsoft Visual Studio Code GitHub Pull Requests and Isssues Extension (April 2021)
The Microsoft Visual Studio Code GitHub Pull Requests and Issues Extension is prior to version 0.25.1. It is, therefore, affected by a remote code execution vulnerability. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary...
PT-2021-2725 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio Code affected versions not specified Description: The issue is related to incorrect code generation management in the editor. Exploitation of this issue may allow an attacker to execute arbitrary code. Recommendations:...
PT-2021-2669 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to incorrect code generation management in the editor. It may allow an attacker to execute arbitrary code. Recommendations: At the moment, there is no...
The vulnerability of the Microsoft Visual Studio Code Python Extension, related to improper code generation management, allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Microsoft Visual Studio Code Python Extension is related to improper code generation management. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
CVE-2021-29261
The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration...
CVE-2021-29261
The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration...
Default configuration
The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration...
CVE-2021-29261
The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration...
CVE-2021-29261
The CVE-2021-29261 entry concerns the unofficial Svelte extension for Visual Studio Code, with versions before 104.8.0 vulnerable to arbitrary code execution via a crafted workspace configuration. The affected component is the Svelte language-tools extension used in VS Code; the root cause is not...
CVE-2021-21420
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context...
CVE-2021-21420
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context...
Code injection
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context...
CVE-2021-21420 Vulnerability in Stripe for Visual Studio Code < 1.7.3
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context...
vscode-stripe 注入漏洞
gracegoo-stripe vscode-stripe is an open source application plugin for gracegoo-stripe.Stripe's extensions to Visual Studio Code make it easy to generate sample code, view API request logs, forward events to your application, and use Stripe in the editor. vscode-stripe has an injection...