Lucene search
K
MicrosoftVisual Studio 2019

118 matches found

CVE
CVE
added 2024/04/09 5:0 p.m.197 views

CVE-2024-28932

CVE-2024-28932 is a remote code execution vulnerability in Microsoft ODBC Driver for SQL Server. Connected sources confirm the issue affects the ODBC Driver family and is addressed by Microsoft security updates. Specifically, security updates KB5037570/KB5037571 cover ODBC Driver 17 for SQL Serve...

8.8CVSS9AI score0.02415EPSS
CVE
CVE
added 2021/11/10 12:47 a.m.192 views

CVE-2021-42277

Technical details about CVE-2021-42277 are not provided in the connected documents; only generic vulnerability labels and references are available. Monitor for official advisories or CVE records for affected products, fixes, and mitigations.

7.8CVSS6.5AI score0.00792EPSS
CVE
CVE
added 2021/01/12 7:42 p.m.188 views

CVE-2021-1723

CVE-2021-1723 is an ASP.NET Core/dotnet-denial-of-service issue related to the HTTP/2 path. Connected advisories cite that running callbacks outside of locks can cause a Krestel deadlock, leading to a DoS condition. Affected products include dotnet-runtime and related packages (Azure/Visual Studi...

7.5CVSS7.3AI score0.04908EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.185 views

CVE-2024-28938

CVE-2024-28938 corresponds to a Remote Code Execution vulnerability in Microsoft ODBC Driver for SQL Server. The issue affects the ODBC Driver family (notably components used by SQL Server clients) and is tied to improper handling that could permit arbitrary code execution. Microsoft has released...

8.8CVSS9AI score0.0233EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.184 views

CVE-2024-28935

CVE-2024-28935 pertains to the Microsoft ODBC Driver for SQL Server. It is a Remote Code Execution vulnerability in the ODBC Driver component. The public record indicates an RCE vulnerability with CVSSv3 base score 8.8 (Network, high impact, user interaction required). Microsoft’s April 2024 secu...

8.8CVSS9AI score0.02356EPSS
CVE
CVE
added 2021/02/25 11:1 p.m.180 views

CVE-2021-1721

CVE-2021-1721 is a denial-of-service vulnerability in dotnet-core/.NET Core prior to 3.1.12 affecting HTTPS web requests during X509 certificate chain building. Multiple sources (Arch Linux advisories ASA-202103-17 and ASA-202103-16) describe the impact as a denial of service, with upgrade paths ...

6.5CVSS6.6AI score0.0334EPSS
CVE
CVE
added 2022/08/09 7:59 p.m.179 views

CVE-2022-35777

CVE-2022-35777 is a Visual Studio remote code execution vulnerability affecting the VSGraphics component. Connected sources (KB/MSRC/NVD) identify it as a Fbx File parser Heap overflow vulnerability within Visual Studio product lines, with references listing affected versions (including VS 2012 U...

8.8CVSS8.8AI score0.0168EPSS
CVE
CVE
added 2022/01/11 8:22 p.m.174 views

CVE-2022-21871

Technical details about CVE-2022-21871 are not publicly provided in the supplied documents; no affected product/version, root cause, or remediation are described here. Monitor for official disclosures and updates.

7.8CVSS8AI score0.0068EPSS
CVE
CVE
added 2021/02/25 11:1 p.m.170 views

CVE-2021-1639

CVE-2021-1639 appears as a Visual Studio Code remote code execution vulnerability. Connected sources confirm Visual Studio Code is affected and note public exploits exist (Kaspersky). The documents provide high-severity impact for this CVE but do not consistently expose concrete root-cause detail...

7.8CVSS7AI score0.01978EPSS
CVE
CVE
added 2021/01/12 7:42 p.m.170 views

CVE-2021-1651

Technical details about CVE-2021-1651 are not provided in the supplied documents; only the vulnerability is named. Monitor for updates from official advisories.

7.8CVSS8.1AI score0.0081EPSS
CVE
CVE
added 2023/02/14 8:9 p.m.170 views

CVE-2023-21815

CVE-2023-21815 is a Visual Studio remote code execution vulnerability. The connected Microsoft KB entries state it exists in Visual Studio 2013 Update 5 and is caused by improper handling of debug information, enabling remote code execution. The updated security fixes (KB5026610 for VS2013 Update...

7.8CVSS8.1AI score0.00523EPSS
CVE
CVE
added 2019/07/15 6:56 p.m.168 views

CVE-2019-1077

Summary (CVE-2019-1077): A local elevation-of-privilege flaw in the Visual Studio updater service arises from improper handling of file permissions. The vulnerability allows an attacker who can log on locally to overwrite arbitrary files with XML content in the local system security context, enab...

6.6CVSS6.6AI score0.01755EPSS
CVE
CVE
added 2019/05/16 6:17 p.m.167 views

CVE-2019-0727

CVE-2019-0727 describes an elevation-of-privilege flaw in the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector, allowing an attacker who can log on to delete files in arbitrary locations. The vulnerability is rooted in the collectors’ handling of file deletion permissio...

7.8CVSS7.3AI score0.01049EPSS
CVE
CVE
added 2023/04/11 7:13 p.m.163 views

CVE-2023-28296

CVE-2023-28296 is a Microsoft Visual Studio remote code execution vulnerability with multiple affected products (Visual Studio 2022/2019, .NET components, and Visual Studio Code). The root cause is not explicitly detailed here, but the CVSSv3.1 scores it as a high-severity, locally exploitable is...

7.8CVSS7.9AI score0.00681EPSS
CVE
CVE
added 2020/08/17 7:13 p.m.160 views

CVE-2020-1597

CVE-2020-1597 is a denial-of-service vulnerability in ASP.NET Core where remote, unauthenticated attackers can cause resource exhaustion by sending specially crafted web requests. The flaw stems from how ASP.NET Core handles incoming requests and is fixed by an update that corrects request handli...

7.5CVSS7.6AI score0.06561EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.158 views

CVE-2025-21178

Technical details about CVE-2025-21178 are not publicly provided in the connected documents. No affected product/version/root cause/impact are specified here. Monitor for updates from MSRC/MSKB and other sources for concrete details and patch information.

8.8CVSS9AI score0.01523EPSS
CVE
CVE
added 2023/06/13 11:25 p.m.153 views

CVE-2023-33139

CVE-2023-33139 describes an Information Disclosure vulnerability in Microsoft Visual Studio, tied to the VSGraphics component. Public disclosures indicate affected VS versions range from Visual Studio 2013 Update 5 through newer updates, with MSKB entries (KB5026454/KB5026455) outlining hotfixes ...

5.5CVSS5.5AI score0.00824EPSS
CVE
CVE
added 2021/05/11 7:11 p.m.152 views

CVE-2021-27068

CVE-2021-27068 is a Visual Studio remote code execution vulnerability. Public records confirm an in-scope vulnerability affecting Visual Studio components, allowing remote code execution with network access and low attack complexity; exploitation can lead to high impact on confidentiality, integr...

8.8CVSS8.9AI score0.53582EPSS
CVE
CVE
added 2022/08/09 8:12 p.m.151 views

CVE-2022-35826

CVE-2022-35826 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio versions through the VSGraphics component, with Microsoft’s August 2022 updates addressing CVE-2022-35826 alongside related CVEs (e.g., 35825, 35777, 35827). The Microsoft advisories describe an...

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2019/09/11 9:24 p.m.150 views

CVE-2019-1232

CVE-2019-1232 is a local elevation-of-privilege flaw in the Diagnostics Hub Standard Collector Service. Affected: Diagnostics Hub Standard Collector Service; root cause: improper impersonation of certain file operations. Impact per sources: confidentiality, integrity, and availability are rated p...

7.8CVSS8AI score0.00834EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.149 views

CVE-2020-16856

CVE-2020-16856 is a Visual Studio remote code execution vulnerability. The issue arises from how Visual Studio handles objects in memory, enabling an attacker to run arbitrary code in the context of the current user. If the user runs Visual Studio with administrative rights, the attacker could ta...

9.3CVSS8.8AI score0.04369EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.149 views

CVE-2020-17156

CVE-2020-17156 is a Microsoft Visual Studio remote code execution vulnerability. Connected sources corroborate a Visual Studio/Developer Tools exposure with high-severity impact (CVSS v3.1 base 7.8) and note that an update is available from Microsoft/MSRC to fix it. Affected products include vari...

7.8CVSS7.8AI score0.02881EPSS
CVE
CVE
added 2023/02/14 8:9 p.m.147 views

CVE-2023-23381

CVE-2023-23381 is a Visual Studio remote code execution vulnerability. Connected documents confirm this CVE is referenced in Microsoft security updates for multiple Visual Studio versions (e.g., VS2013 Update 5 and VS2015 Update 3) with patches/KB articles available (KB5026610, KB5025792). The KB...

7.8CVSS7.9AI score0.00436EPSS
CVE
CVE
added 2023/04/11 7:13 p.m.142 views

CVE-2023-28262

CVE-2023-28262 is a Microsoft Visual Studio elevation of privilege vulnerability. Several connected sources (e.g., NCSC advisories) confirm a privilege-escalation flaw affecting multiple Visual Studio products, including various Visual Studio versions (e.g., 2017/2019/2022 lines) and Visual Studi...

7.8CVSS7.7AI score0.00439EPSS
CVE
CVE
added 2020/05/21 10:53 p.m.141 views

CVE-2020-1161

CVE-2020-1161 is a denial-of-service vulnerability in ASP.NET Core where improper handling of web requests can trigger a DoS. It is referenced in multiple advisories (e.g., RHSA-2020:2250 and ELSA-2020-2250) as part of the .NET Core DoS fixes. The connected Red Hat advisories indicate the remedia...

7.5CVSS7.3AI score0.05701EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.140 views

CVE-2020-1133

Technical details about CVE-2020-1133 are not publicly provided in the connected documents. Available sources mention Diagnostics Hub Standard Collector and the fix, but no affected versions, exploit specifics, or mitigation steps are given. Monitor for updates.

7.8CVSS6.5AI score0.00978EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.138 views

CVE-2020-1130

CVE-2020-1130 affects the Diagnostics Hub Standard Collector. The issue is an elevation of privilege in the collector’s data handling, enabling a crafted local application to run processes in an elevated context. The vulnerability is addressed by updating how the Diagnostics Hub Standard Collecto...

7.8CVSS7AI score0.00777EPSS
CVE
CVE
added 2022/08/09 8:12 p.m.136 views

CVE-2022-35825

Technical details about CVE-2022-35825 are not publicly provided in the supplied documents. No explicit affected product version, root cause, or remediation is described here. Monitor for official updates from Microsoft and security advisories.

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2023/02/14 8:9 p.m.134 views

CVE-2023-21566

CVE-2023-21566 is a Visual Studio elevation-of-privilege vulnerability. The linked documents describe insufficient access restrictions in Visual Studio that can allow a local attacker with low privileges to escalate to higher privileges (obtaining increased entitlements). Exploitation is local an...

7.8CVSS7.7AI score0.00367EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.132 views

CVE-2020-1202

CVE-2020-1202 affects Diagnostics Hub Standard Collector or Visual Studio Standard Collector. Root cause: improper handling of memory objects leading to elevation of privilege. Impact: local elevation of privileges if exploited; CVSS data in the Initial document indicates HIGH severity. Exploitat...

7.8CVSS8AI score0.00889EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.131 views

CVE-2021-28321

CVE-2021-28321 is a elevation-of-privilege issue in the Diagnostics Hub Standard Collector Service. The NVD entry lists a local, low-attack‑complexity vector with no authentication, achieving high impact on confidentiality, integrity, and availability (CVSS‑3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:...

7.8CVSS7.8AI score0.01281EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.130 views

CVE-2020-16874

CVE-2020-16874 is a Visual Studio remote code execution vulnerability caused by improper handling of objects in memory. Exploitation requires a user to open a specially crafted file, potentially allowing arbitrary code execution in the current user context with Administrative rights. Microsoft an...

9.3CVSS8.9AI score0.04285EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.128 views

CVE-2021-43877

CVE-2021-43877 is an elevation-of-privilege vulnerability reported for ASP.NET Core (and Visual Studio) . The primary sources in the connected documents identify it by title as an “Elevation of Privilege” issue without providing explicit technical details in the text here. NVD data in the initial...

8.8CVSS8.1AI score0.00716EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.127 views

CVE-2020-0810

CVE-2020-0810 affects the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector on Windows. The root cause is an elevation of privilege vulnerability allowing file creation in arbitrary locations, exploitable by a logged-on attacker who runs a crafted application; this could...

7.8CVSS8.6AI score0.01002EPSS
CVE
CVE
added 2020/07/14 10:54 p.m.127 views

CVE-2020-1393

Summary: CVE-2020-1393 is an elevation of privilege in Windows Diagnostics Hub related to the Standard Collector Service failing to sanitize input, causing insecure library loading. The root cause is input validation/sanitization weaknesses leading to loading of untrusted libraries. This CVE is r...

7.8CVSS8AI score0.00919EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.123 views

CVE-2021-28313

Technical details about CVE-2021-28313 are not publicly provided in the supplied documents. Monitor for updates from NVD, MSRC, and vendor advisories for affected components and fixes.

7.8CVSS7.7AI score0.01039EPSS
CVE
CVE
added 2021/09/15 11:23 a.m.122 views

CVE-2021-26434

CVE-2021-26434 is a Visual Studio local privilege escalation. The issue arises during installation of Game development with C++/Unreal Engine workload, where the installer creates a directory with write permissions for all users, enabling LPE. Affected products include various Visual Studio versi...

7.8CVSS7.5AI score0.00828EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.119 views

CVE-2020-1257

Technical details about CVE-2020-1257 are not provided in the connected documents. Public aliases, affected components, impact or fixes are not specified here; monitor for authoritative updates.

7.8CVSS8.1AI score0.00785EPSS
CVE
CVE
added 2021/01/12 7:42 p.m.119 views

CVE-2021-1680

Technical details about CVE-2021-1680 are not publicly available in the provided connected documents. Monitor for updates for affected product, root cause, impact, and remediation information.

7.8CVSS8.1AI score0.00714EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.119 views

CVE-2021-28322

Technical details about CVE-2021-28322 are not publicly provided in the supplied documents. No affected products, exploit information, or fixes are described here. Monitor for updates from the referenced advisories and vulnerability feeds.

7.8CVSS7.8AI score0.01039EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.118 views

CVE-2020-1293

CVE-2020-1293 is an Elevation of Privilege vulnerability in Diagnostics Hub Standard Collector Service where file operations are mishandled. The connected AVLeonarov item places CVE-2020-1293 under Diagnostics Hub Standard Collector EOP and lists it alongside CVE-2020-1257 and CVE-2020-1278, but ...

7.8CVSS8.1AI score0.00785EPSS
CVE
CVE
added 2021/09/15 11:23 a.m.118 views

CVE-2021-36952

The linked Nessus entry for CVE-2021-36952 identifies Visual Studio as affected, describing a local, memory-handling vulnerability that an unauthenticated attacker can exploit to bypass authentication and execute arbitrary commands. This is stated as a Visual Studio code-execution issue caused by...

7.8CVSS7.9AI score0.54171EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.117 views

CVE-2020-1203

CVE-2020-1203 is an elevation of privilege affecting the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector, caused by improper handling of memory in affected objects. The description notes this CVE is distinct from CVE-2020-1202 and does not provide explicit affected ver...

7.8CVSS8AI score0.00889EPSS
CVE
CVE
added 2024/10/08 5:36 p.m.116 views

CVE-2024-43603

CVE-2024-43603 is a Denial of Service vulnerability in the Visual Studio Diagnostics Hub Standard Collector (Visual Studio Collector Service). The MS security update description confirms a DoS in Diagnostics Hub Standard Collector when handling certain file operations. Remediations are provided v...

5.5CVSS5.7AI score0.00761EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.114 views

CVE-2021-27064

CVE-2021-27064 is a local elevation-of-privilege vulnerability in the Microsoft Visual Studio Installer component. The CVSS details (CVSS:3.1) indicate a LOCAL, LOW-PRIVILEGE exploitation with no user interaction, leading to HIGH confidentiality, integrity, and availability impact if exploited, t...

7.8CVSS7.6AI score0.0059EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.113 views

CVE-2022-41119

CVE-2022-41119 concerns Microsoft Visual Studio Remote Code Execution. Connected sources describe it as a Visual Studio vulnerability leading to arbitrary code execution, attributed to insufficient input validation in Visual Studio and affecting multiple VS versions (including 2017/2019 and 2022 ...

7.8CVSS7.8AI score0.00774EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.111 views

CVE-2020-17100

CVE-2020-17100 is a Visual Studio tampering vulnerability with a Local access vector and a Medium impact entry (I:H, other impacts N). The connected sources confirm this vulnerability affects Microsoft Developer Tools including Visual Studio and related tooling, enabling spoofing of the user inte...

5.5CVSS5.4AI score0.008EPSS
CVE
CVE
added 2023/04/11 7:13 p.m.111 views

CVE-2023-28263

CVE-2023-28263 is described as a Visual Studio Information Disclosure Vulnerability. The associated records show a Medium base score (CVSS v3.1: 5.5) with Local attack vector, Low attack complexity, Low privileges required, and a High confidentiality impact, with no explicit exploitation details ...

5.5CVSS5.6AI score0.00555EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.110 views

CVE-2020-1278

CVE-2020-1278 relates to an elevation of privilege in the Diagnostics Hub Standard Collector Service due to improper file operations. The vulnerability enables local privilege elevation, as the service handles files in a way that can be exploited by an authenticated attacker with access to the sy...

7.8CVSS8.1AI score0.00785EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.108 views

CVE-2020-0793

CVE-2020-0793 is an elevation-of-privilege vulnerability affecting the Diagnostics Hub Standard Collector Service, where improper handling of file operations enables local attacker exploitation. The CVSSv3.1 vector indicates LOCAL access, LOW attack complexity, LOW privileges required, and NONE u...

7.8CVSS8.5AI score0.00788EPSS
Total number of security vulnerabilities118