Lucene search
K

4960 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/17 12:0 a.m.3 views

Security Updates for Microsoft Visual Studio Products 17.14.17 (October 2025)

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get...

7.5CVSS8.7AI score0.00319EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/17 12:0 a.m.26 views

Security Update for Microsoft .NET Core (October 2025)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by information disclosure vulnerability as referenced in the vendor advisory. - Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to...

5.7CVSS7.3AI score0.00681EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/10/17 12:0 a.m.21 views

Security Updates for Microsoft Visual Studio Products (October 2025)

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. CVE-2025-55240 - Inadequate encryption strength in .NET,...

7.3CVSS8.5AI score0.00681EPSS
Exploits0References6
Talos Blog
Talos Blog
added 2025/10/16 10:0 a.m.7 views

BeaverTail and OtterCookie evolve with a new Javascript module

Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea DPRK. This group is known for impersonating hiring organizations to target job seekers, tricking them into installing information-stealing malware to obtain cryptocurrency and user credential...

8.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/10/15 5:43 p.m.2 views

CVE-2025-55240

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...

7.3CVSS6.9AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 5:39 p.m.6 views

EUVD-2025-34346

Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability...

4.8CVSS7.7AI score0.00681EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2025/10/15 2:16 p.m.10 views

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code VS Code extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk. "A leaked VS Code Marketplace or Open VSX PAT personal access token allow...

7.4AI score
Exploits0
EUVD
EUVD
added 2025/10/14 6:30 p.m.4 views

EUVD-2025-34347

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...

7.3CVSS6.3AI score0.00335EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/10/14 6:30 p.m.10 views

Duplicate Advisory: Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwq6-fmvp-qp68. This link is maintained to preserve external references. Original Description Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose...

5.7CVSS6.6AI score0.00681EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/10/14 5:15 p.m.2 views

CVE-2025-55240

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...

7.3CVSS0.00335EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 5:15 p.m.3 views

CVE-2025-55248

Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...

5.7CVSS0.00681EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.4 views

CVE-2025-55248

Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...

5.7CVSS6.5AI score0.00681EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.4 views

CVE-2025-55240

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...

7.3CVSS5.7AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:0 p.m.115 views

CVE-2025-55248

CVE-2025-55248 is an information-disclosure vulnerability in the .NET ecosystem (affecting .NET 8.0/9.0 runtimes) caused by insufficient encryption, enabling an authorized network attacker to access leaked data. The issue is discussed in Microsoft and ENISA/ALMAS advisories, which indicate affect...

5.7CVSS6.1AI score0.00681EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/14 5:0 p.m.3 views

CVE-2025-55248 .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability

...

4.8CVSS6.6AI score0.00681EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 5:0 p.m.7 views

CVE-2025-55248 .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability

...

4.8CVSS0.00681EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/10/14 5:0 p.m.3 views

CVE-2025-55248

Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...

5.7CVSS8.9AI score0.00681EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/10/14 5:0 p.m.1 views

CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability

...

7.3CVSS6.6AI score0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 5:0 p.m.8 views

CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability

...

7.3CVSS0.00335EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:0 p.m.28 views

CVE-2025-55240

CVE-2025-55240 is a Visual Studio elevation-of-privilege issue described as an improper access control that lets an authorized attacker escalate to full local privileges. CVSS indicates local attack, low attack complexity, required low privileges, and user interaction, with high impact on confide...

7.3CVSS6.5AI score0.00335EPSS
Exploits0References1Affected Software3
Rows per page
Query Builder