155 matches found
HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers
CVE-2026-21637 is regarding a vulnerability in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths tlsClientError...
PT-2025-21127
Name of the Vulnerable Software and Affected Versions: .NET versions prior to the fixed version Visual Studio affected versions not specified Build Tools for Visual Studio affected versions not specified Description: The issue allows an authorized attacker to perform spoofing over a network due t...
NuGet Client Security Feature Bypass Vulnerability
Description Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability. A security feature bypass...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code, bypass security measures or access gain access to sensitive data. Information about the vulnerability with reference CVE-2020-16937 is...
The vulnerability of the Microsoft Visual Studio software update service allows a hacker to escalate their privileges.
The vulnerability of the Microsoft Visual Studio software update service is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...
Visual Studio 2019 version 16.11.0 to 16.11.18 update
This security update applies to all editions of Visual Studio 2019 between versions 16.11.0 and 16.11.17, and will update client machines to version 16.11.18. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in ord...
Visual Studio 2019 version 16.7.0 to 16.7.26 update
Visual Studio 2019 version 16.7.0 to 16.7.26 security update. This update applies to all affected editions of Visual Studio 2019 version 16.7. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the updat...
Visual Studio 2022 version 17.4.4 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on either the Current or LTSC channels to version 17.4.4. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in orde...
Visual Studio 2022 version 17.0.14 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.0.14. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...
Visual Studio 2017 version 15.9.54 update
This security update applies to all editions of Visual Studio 2017 between versions 15.0.0 and 15.9.53, and will update client machines to version 15.9.54. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order...
Visual Studio 2022 version 17.8.14 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.8.14. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...
Visual Studio 2022 version 17.4.9 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.4.9. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update to...
Visual Studio 2022 version 17.7.6 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the Current channel to version 17.7.6. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update...
Visual Studio 2019 version 16.7.0 to 16.7.27 update
Visual Studio 2019 version 16.7.0 to 16.7.27 security update. This update applies to all affected editions of Visual Studio 2019 version 16.7. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the updat...
Visual Studio 2022 version 17.6.5 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on either the Current or LTSC channels to version 17.6.5. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in orde...
Visual Studio 2022 version 17.8.7 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on either the Current or LTSC channels to version 17.8.7. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in orde...
Visual Studio 2022 version 17.0.15 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.0.15. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...
Visual Studio 2019 version 16.11.33 update
This security update applies to all editions of Visual Studio 2019 between versions 16.0.0 and 16.11.32, and will update client machines to version 16.11.33. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in orde...
Visual Studio 2022 version 17.2.19 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.2.19. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...
Visual Studio 2017 version 15.9.56 update
This security update applies to all editions of Visual Studio 2017 between versions 15.0.0 and 15.9.55, and will update client machines to version 15.9.56. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order...