1373 matches found
CVE-2019-16765
If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...
Design/Logic Flaw
If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...
CVE-2019-16765
If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed in version 1.0.1 of the extension. Users should upgrade to...
CVE-2019-16765
Vulnerability CVE-2019-16765 affects the Visual Studio Code CodeQL extension. Opening a specially prepared directory tree as a workspace while the extension is active can lead to arbitrary code execution on the user’s behalf. The issue is fixed in CodeQL extension version 1.0.1; upgrade via VS Co...
Visual Studio Code Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer. A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user. If the current user is logged on...
Microsoft Visual Studio Code CVE-2019-1414 Local Privilege Escalation Vulnerability
Description Microsoft Visual Studio Code is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio Code Recommendations Permit local access for trusted individuals only. Where possible, us...
KLA11585 Visual Studio Code Elevation of Privilege Vulnerability
An elevation of privilege vulnerability in Visual Studio Code can be exploited remotely to gain privileges. Original advisories CVE-2019-1414 Related products Microsoft-Visual-Studio CVE list CVE-2019-1414 high KB list Solution Install necessary updates from the KB section, that are listed in you...
Microsoft Visual Studio Code Installed (Windows)
Binary data microsoftvisualstudiocodewinuserinstalled.nbin...
Microsoft Visual Studio Code Installed (Linux)
Binary data microsoftvisualstudiocodelinuxinstalled.nbin...
Node.js third-party modules: Trojan:JS/CoinMiner in npm files
Hello, I am a front end developer and use Vue.js and Visual Studio Code and have had an issue recently with scripts not running in my terminal so decided to fault find. All programmes that I can think of are up to date, and today I decided to do a full windows defender scan and found the above...
Microsoft Visual Studio Code < 1.32 RCE Vulnerability
This host is missing an important security update according to Microsoft Security Update March 2019. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Microsoft Visual Studio Code Detection (Windows SMB Login)
This script detects the installed version of Microsoft Visual Studio Code for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2019-0728
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'...
CVE-2019-0728
CVE-2019-0728 describes a remote code execution vulnerability in Visual Studio Code: if the editor processes environment variables when a project is opened, an attacker could run arbitrary code in the current user context. Exploitation requires user action to clone a repository and open it in VS ...
The vulnerability of Visual Studio Code’s source editor, related to a bug in file handling after opening a project, allows attackers to modify file access rights and execute arbitrary code.
The vulnerability of Visual Studio Code’s source editor is related to a error in variable handling after a project is opened. Exploiting this vulnerability could allow an attacker to modify file access rights and execute arbitrary code...
CVE-2019-0728
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'...
CVE-2019-0728
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'...
Remote code execution
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'...
Security Update for Microsoft Visual Studio Code (February 2019)
The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.31.1. It is, therefore, affected by a remote code execution vulnerability that exists due to how environment variables are processed. An attacker who successfully exploited the vulnerability could run...
Visual Studio Code Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...