1373 matches found
CVE-2022-41042 Visual Studio Code Information Disclosure Vulnerability
...
CVE-2022-41034 Visual Studio Code Remote Code Execution Vulnerability
...
PT-2022-25654 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to an information disclosure vulnerability in Visual Studio Code. No specific details about the estimated number of potentially affected devices worldwide or...
PT-2022-25659 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to an Elevation of Privilege Vulnerability in Visual Studio Code. No specific details about the estimated number of potentially affected devices worldwide or...
PT-2022-5755 · Microsoft +1 · Visual Studio Code +1
Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to insufficient input validation in Visual Studio Code, which can be exploited by a remote attacker to execute arbitrary code. Recommendations: At the moment...
CVE-2022-41083 Visual Studio Code Elevation of Privilege Vulnerability
...
KLA20005 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Visual Studio Code...
CVE-2022-41034 Visual Studio Code Remote Code Execution Vulnerability
...
GHSA-HPQJ-7CJ6-HFJ8 Snyk CLI affected by Command Injection vulnerability
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...
Snyk CLI affected by Command Injection vulnerability
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...
CVE-2022-40764
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...
CVE-2022-40764
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...
Command injection
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...
CVE-2022-40764
CVE-2022-40764 affects Snyk CLI and related IDE plugins; before 1.996.0, it allowed arbitrary command execution, potentially via viewing untrusted files in VS Code. The original demonstration involved shell metacharacters in the vendor.json ignore field, affecting snyk-go-plugin before 1.19.1 and...
CVE-2022-40764
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...
Microsoft Visual Studio Code Remote Code Execution (CVE-2021-27084)
A remote code execution vulnerability exists in the Maven for Java Extension for Microsoft Visual Studio Code. The vulnerability is due to a design weakness. A remote attacker can exploit this vulnerability by enticing a user to open a maliciously crafted Java Maven project folder...
Security Update for Microsoft Visual Studio Code (September 2022)
The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.17.1 It is, therefore, affected by privilege escalation vulnerability. An authenticated, local attacker can exploit this to escalate their privileges of an affected system to that of another user of Visual Stud...
CVE-2022-38020
Visual Studio Code Elevation of Privilege Vulnerability...
CVE-2022-38020
Visual Studio Code Elevation of Privilege Vulnerability...
Privilege escalation
Visual Studio Code Elevation of Privilege Vulnerability...