8734 matches found
BeaverTail and OtterCookie evolve with a new Javascript module
Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea DPRK. This group is known for impersonating hiring organizations to target job seekers, tricking them into installing information-stealing malware to obtain cryptocurrency and user credential...
CVE-2025-55240
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...
EUVD-2025-34346
Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability...
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks
New research has uncovered that publishers of over 100 Visual Studio Code VS Code extensions leaked access tokens that could be exploited by bad actors to update the extensions, posing a critical software supply chain risk. "A leaked VS Code Marketplace or Open VSX PAT personal access token allow...
EUVD-2025-34347
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwq6-fmvp-qp68. This link is maintained to preserve external references. Original Description Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose...
CVE-2025-55240
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...
CVE-2025-55240
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...
CVE-2025-55248
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
CVE-2025-55248
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
CVE-2025-55248
CVE-2025-55248 is an information-disclosure vulnerability in the .NET ecosystem (affecting .NET 8.0/9.0 runtimes) caused by insufficient encryption, enabling an authorized network attacker to access leaked data. The issue is discussed in Microsoft and ENISA/ALMAS advisories, which indicate affect...
CVE-2025-55248 .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability
...
CVE-2025-55248 .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability
...
CVE-2025-55248
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability
...
CVE-2025-55240
CVE-2025-55240 is a Visual Studio elevation-of-privilege issue described as an improper access control that lets an authorized attacker escalate to full local privileges. CVSS indicates local attack, low attack complexity, required low privileges, and user interaction, with high impact on confide...
CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability
...
Visual Studio Elevation of Privilege Vulnerability
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally...
.NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...
Microsoft Visual Studio 访问控制错误漏洞
Microsoft Visual Studio is a family of development tool suites and a largely complete set of development tools from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. An Access Control Error vulnerability exists in Microsoft Visual Studio, which...