Lucene search
K
MicrosoftVisual Studio 2019

118 matches found

CVE
CVE
•added 2020/04/15 3:12 p.m.•100 views

CVE-2020-0899

CVE-2020-0899 describes an elevation of privilege in Microsoft Visual Studio updater service caused by improper handling of file permissions. An attacker who can log on to the system and exploit this flaw could write/overwrite files in the security context of the local system, potentially leading...

5.5CVSS6.8AI score0.0076EPSS
CVE
CVE
•added 2021/11/10 12:47 a.m.•100 views

CVE-2021-42319

CVE-2021-42319 corresponds to a Visual Studio elevation-of-privilege vulnerability. Publicly referenced details indicate local, low-complexity access with user rights required for exploitation, resulting in privilege escalation and, per sources, high impact on availability. NVD metrics show CVSSv...

5.5CVSS4.9AI score0.00456EPSS
CVE
CVE
•added 2023/02/14 8:9 p.m.•100 views

CVE-2023-21567

CVE-2023-21567 is a Microsoft Visual Studio denial-of-service vulnerability. Connected sources confirm it affects Visual Studio and related developer tools, with CVSSv3.1 base score 5.6 (Medium) and a local attack vector requiring user interaction. Public documents describe a DoS impact and list ...

5.6CVSS5.8AI score0.00799EPSS
CVE
CVE
•added 2019/08/14 8:55 p.m.•97 views

CVE-2019-1211

CVE-2019-1211 is an elevation of privilege vulnerability in Git for Visual Studio stemming from improper parsing of Git configuration files. The authenticated attacker could modify configuration files before full installation and then convince another user to run specific Git commands, executing ...

7.3CVSS7.5AI score0.01654EPSS
CVE
CVE
•added 2025/03/11 4:59 p.m.•97 views

CVE-2025-24998

CVE-2025-24998 is an Elevation of Privilege vulnerability in Visual Studio caused by an Uncontrolled search path element. A local attacker with low privileges and user interaction can potentially escalate to higher privileges. CVSSv3 base score 7.3 (HIGH); impact on confidentiality, integrity, an...

7.3CVSS7.2AI score0.00417EPSS
CVE
CVE
•added 2024/06/11 4:59 p.m.•96 views

CVE-2024-29060

CVE-2024-29060 is an elevation of privilege vulnerability in Microsoft Visual Studio family. The CVE affects multiple VS versions (e.g., Visual Studio 2017–2022 lineups) with a root cause described across sources as an elevation of privileges vulnerability that can be exploited to gain higher pri...

6.7CVSS6.8AI score0.00892EPSS
CVE
CVE
•added 2025/03/11 4:59 p.m.•96 views

CVE-2025-25003

CVE-2025-25003 affects Visual Studio and is described as an Elevation of Privilege vulnerability caused by an Uncontrolled search path element. The CVE entry indicates local privilege escalation with high impact; exploitation details are not provided in the documents. Microsoft has published upda...

7.3CVSS7.2AI score0.00417EPSS
CVE
CVE
•added 2020/03/12 3:48 p.m.•92 views

CVE-2020-0789

CVE-2020-0789 concerns a denial-of-service flaw in the Visual Studio Extension Installer Service due to improper handling of hard links. The vulnerability affects Microsoft Visual Studio-related components and could allow a local attacker to cause the target system to stop responding (DoS) and, p...

7.1CVSS6.9AI score0.00863EPSS
CVE
CVE
•added 2020/04/15 3:12 p.m.•90 views

CVE-2020-0900

CVE-2020-0900 describes an elevation of privilege vulnerability in the Visual Studio Extension Installer Service caused by improper handling of file operations. An attacker with local access could log on and run a specially crafted application to exploit this flaw. Microsoft’s MSRC advisory and t...

5.5CVSS6.8AI score0.0076EPSS
CVE
CVE
•added 2025/02/11 5:58 p.m.•90 views

CVE-2025-21206

The CVE-2025-21206 issue concerns the Visual Studio installers with an elevation-of-privilege vulnerability. A concrete root cause mentioned in connected PT-2025-6298 is an uncontrolled search path element affecting the Visual Studio Installer, which could allow a local attacker to gain higher pr...

7.3CVSS7.4AI score0.00676EPSS
CVE
CVE
•added 2020/03/12 3:48 p.m.•89 views

CVE-2020-0884

CVE-2020-0884 describes a spoofing vulnerability in Microsoft Visual Studio where a reply URL is not secured by SSL. An attacker who exploits this could compromise access tokens used during development workflows (e.g., when working with an Outlook Web Add-in) and thereby gain security/privacy ris...

4.3CVSS4.9AI score0.01629EPSS
CVE
CVE
•added 2019/12/10 9:41 p.m.•86 views

CVE-2019-1486

The CVE-2019-1486 entry describes a spoofing vulnerability in Microsoft Visual Studio Live Share: when a guest joins a Live Share session, the host can redirect the guest to an arbitrary URL, potentially causing the guest’s browser to navigate to that URL without consent. Affected products includ...

6.1CVSS7.2AI score0.01482EPSS
CVE
CVE
•added 2025/07/08 4:58 p.m.•86 views

CVE-2025-49739

CVE-2025-49739: Visual Studio elevation of privilege due to improper link resolution before file access ("link following"). The issue could allow a network-access attacker to elevate privileges on a affected machine. Connected sources indicate this CVE has public exploits (per Kaspersky entry in ...

8.8CVSS6.5AI score0.00771EPSS
CVE
CVE
•added 2024/06/11 5:0 p.m.•85 views

CVE-2024-30052

CVE-2024-30052 affects Microsoft Visual Studio and is described as a remote code execution vulnerability with a CVSS v3.1 base score of 4.7 (Medium). The metrics indicate LOCAL exploitation, user interaction required, HIGH integrity impact, and no confidentiality impact. Connected sources corrobo...

4.7CVSS5.4AI score0.01354EPSS
CVE
CVE
•added 2025/05/13 4:58 p.m.•82 views

CVE-2025-32703

CVE-2025-32703 (Visual Studio) is an information-disclosure vulnerability caused by insufficient granularity of access control in Visual Studio, enabling an authorized, local attacker to disclose information. The vulnerability affects multiple Visual Studio releases (2017 15.x, 2019 16.x, 2022 17...

5.5CVSS6.7AI score0.00425EPSS
CVE
CVE
•added 2019/11/12 6:53 p.m.•80 views

CVE-2019-1425

CVE-2019-1425 (Visual Studio Elevation of Privilege Vulnerability) : The issue arises when Visual Studio fails to properly validate hardlinks during extraction of archived files. Root cause is improper hardlink validation introduced via npm-packages (tar and fstream) used by Visual Studio. Exploi...

6.5CVSS6.4AI score0.03116EPSS
CVE
CVE
•added 2025/05/13 4:59 p.m.•77 views

CVE-2025-32702

CVE-2025-32702 is a Visual Studio command-injection vulnerability (Improp­er neutralization of special elements used in a command) that allows local code execution. Affected products include Microsoft Visual Studio 2019/2022 and related Build Tools; attack vector is LOCAL with LOW complexity, req...

7.8CVSS7.6AI score0.00526EPSS
CVE
CVE
•added 2025/10/14 5:0 p.m.•38 views

CVE-2025-55240

CVE-2025-55240 is a Visual Studio elevation-of-privilege issue described as an improper access control that lets an authorized attacker escalate to full local privileges. CVSS indicates local attack, low attack complexity, required low privileges, and user interaction, with high impact on confide...

7.3CVSS6.5AI score0.00343EPSS
Total number of security vulnerabilities118