CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-2276

Malicious code in bioql PyPI...

7.3CVSS9AI score0.00434EPSS

Exploits0References2

RedhatCVE•added 2025/02/13 7:13 p.m.•8 views

CVE-2025-21206

Visual Studio Installer Elevation of Privilege Vulnerability...

7.3CVSS6.8AI score0.00434EPSS

Exploits0References3

OSV•added 2025/02/11 6:15 p.m.•0 views

CVE-2025-21206

Visual Studio Installer Elevation of Privilege Vulnerability...

7.3CVSS7.3AI score0.00434EPSS

Exploits0References1

NVD•added 2025/02/11 6:15 p.m.•8 views

CVE-2025-21206

Visual Studio Installer Elevation of Privilege Vulnerability...

7.3CVSS0.00434EPSS

Exploits0References1

CVE•added 2025/02/11 5:58 p.m.•81 views

CVE-2025-21206

The CVE-2025-21206 issue concerns the Visual Studio installers with an elevation-of-privilege vulnerability. A concrete root cause mentioned in connected PT-2025-6298 is an uncontrolled search path element affecting the Visual Studio Installer, which could allow a local attacker to gain higher pr...

7.3CVSS7.4AI score0.00434EPSS

Exploits0References1Affected Software3

Veracode•added 2024/07/10 7:26 a.m.•23 views

Privilege Escalation

Microsoft.IO.Redist is vulnerable to Privilege Escalation. The vulnerability is due improper link resolution in the Visual Studio installer on Windows OS that allows an unprivileged user to manipulate the installation, leading to elevated SYSTEM level privileges...

7.3CVSS6.5AI score0.008EPSS

Exploits0References2Affected Software3

Github Security Blog•added 2024/03/25 7:42 p.m.•32 views

WiX based installers are vulnerable to binary hijack when run as SYSTEM

Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...

7.3CVSS6.7AI score0.0008EPSS

Exploits0References5Affected Software2

Zero Day Initiative•added 2022/03/01 12:0 a.m.•20 views

(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Visual Studio. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

5.3CVSS3.9AI score

Exploits0

Zero Day Initiative•added 2022/03/01 12:0 a.m.•16 views

(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability

5.3CVSS3.9AI score

Exploits0

Positive Technologies•added 2021/04/13 12:0 a.m.•2 views

PT-2021-2709 · Microsoft · Visual Studio Installer

Name of the Vulnerable Software and Affected Versions: Visual Studio Installer affected versions not specified Description: The issue is related to insecure privilege management in the Microsoft Visual Studio development software installation service. Exploitation of this issue may allow an...

7.8CVSS7.2AI score0.00208EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by