123 matches found
CVE-2023-28263
CVE-2023-28263 is described as a Visual Studio Information Disclosure Vulnerability. The associated records show a Medium base score (CVSS v3.1: 5.5) with Local attack vector, Low attack complexity, Low privileges required, and a High confidentiality impact, with no explicit exploitation details ...
CVE-2026-32175
The CVE-2026-32175 entry describes a tampering vulnerability in .NET Core where specially crafted files could cause writing of arbitrary files/directories to certain locations. The exploitation requires sending a crafted file to a vulnerable system, and the attacker would have limited control ove...
CVE-2025-29804
CVE-2025-29804 is an elevation-of-privilege vulnerability in Microsoft Visual Studio caused by improper access control. A local attacker with LOW privileges and requiring user interaction could elevate privileges on affected Visual Studio components. Public notes reference affected Visual Studio ...
CVE-2025-21405
CVE-2025-21405 is a Microsoft Visual Studio elevation-of-privilege vulnerability. Affected: Visual Studio and related developer tools; root cause is elevation of privileges in the Visual Studio/.NET stack. Impact: local privilege escalation with high confidentiality/integrity/availability risk (p...
CVE-2025-29802
CVE-2025-29802 (Visual Studio Elevation of Privilege) is a local elevation-of-privilege vulnerability in Microsoft Visual Studio caused by improper access control. The issue affects Visual Studio-related components (e.g., Visual Studio 2022 up to version 17.12 and related tooling) and can be expl...
CVE-2023-21567
CVE-2023-21567 is a Microsoft Visual Studio denial-of-service vulnerability. Connected sources confirm it affects Visual Studio and related developer tools, with CVSSv3.1 base score 5.6 (Medium) and a local attack vector requiring user interaction. Public documents describe a DoS impact and list ...
CVE-2025-24998
CVE-2025-24998 is an Elevation of Privilege vulnerability in Visual Studio caused by an Uncontrolled search path element. A local attacker with low privileges and user interaction can potentially escalate to higher privileges. CVSSv3 base score 7.3 (HIGH); impact on confidentiality, integrity, an...
CVE-2024-29060
CVE-2024-29060 is an elevation of privilege vulnerability in Microsoft Visual Studio family. The CVE affects multiple VS versions (e.g., Visual Studio 2017–2022 lineups) with a root cause described across sources as an elevation of privileges vulnerability that can be exploited to gain higher pri...
CVE-2025-25003
CVE-2025-25003 affects Visual Studio and is described as an Elevation of Privilege vulnerability caused by an Uncontrolled search path element. The CVE entry indicates local privilege escalation with high impact; exploitation details are not provided in the documents. Microsoft has published upda...
CVE-2025-21206
The CVE-2025-21206 issue concerns the Visual Studio installers with an elevation-of-privilege vulnerability. A concrete root cause mentioned in connected PT-2025-6298 is an uncontrolled search path element affecting the Visual Studio Installer, which could allow a local attacker to gain higher pr...
CVE-2025-49739
CVE-2025-49739: Visual Studio elevation of privilege due to improper link resolution before file access ("link following"). The issue could allow a network-access attacker to elevate privileges on a affected machine. Connected sources indicate this CVE has public exploits (per Kaspersky entry in ...
CVE-2024-30052
CVE-2024-30052 affects Microsoft Visual Studio and is described as a remote code execution vulnerability with a CVSS v3.1 base score of 4.7 (Medium). The metrics indicate LOCAL exploitation, user interaction required, HIGH integrity impact, and no confidentiality impact. Connected sources corrobo...
CVE-2025-32703
CVE-2025-32703 (Visual Studio) is an information-disclosure vulnerability caused by insufficient granularity of access control in Visual Studio, enabling an authorized, local attacker to disclose information. The vulnerability affects multiple Visual Studio releases (2017 15.x, 2019 16.x, 2022 17...
CVE-2025-32702
CVE-2025-32702 is a Visual Studio command-injection vulnerability (Improper neutralization of special elements used in a command) that allows local code execution. Affected products include Microsoft Visual Studio 2019/2022 and related Build Tools; attack vector is LOCAL with LOW complexity, req...
CVE-2024-49044
CVE-2024-49044 is an Elevation of Privilege issue affecting Microsoft Visual Studio. Connected sources corroborate it as a Visual Studio privilege-escalation vulnerability; exact root cause and affected product versions are not fully enumerated in the provided documents. The NVD/NCSC entries labe...
CVE-2025-47959
CVE-2025-47959 is a Visual Studio remote code execution bug caused by improper neutralization of command elements (command injection). Affects Visual Studio components exposed over network; attacker with network access and low privileges, but user interaction is required per the CVSS, enabling co...
CVE-2026-21256
CVE-2026-21256 affects GitHub Copilot and Visual Studio. It is a command injection vulnerability described as improper neutralization of special elements in a command, enabling code execution over a network. CVSS 3.1 base score 8.8 (HIGH) with NETWORK attack vector, no privileges, user interactio...
CVE-2026-32178
CVE-2026-32178 affects .NET’s System.Net.Mail parsing and enables spoofing over the network. Connected advisories confirm impact across .NET 8/9/10 and list fixed versions: .NET 8.0.26, 9.0.15, and 10.0.6 (SDKs/Runtimes). Mitigation is to upgrade affected runtimes/SDKs to these patched versions o...
CVE-2025-55240
CVE-2025-55240 is a Visual Studio elevation-of-privilege issue described as an improper access control that lets an authorized attacker escalate to full local privileges. CVSS indicates local attack, low attack complexity, required low privileges, and user interaction, with high impact on confide...
CVE-2026-21257
CVE-2026-21257 affects GitHub Copilot and Visual Studio. It involves improper neutralization of special elements used in a command (command injection), enabling an authorized attacker to elevate privileges over a network. Root cause: inadequate input handling in command construction. Impact per C...
CVE-2026-32203
CVE-2026-32203 is listed in the connected Nessus advisories as a Denial of Service via stack overflow affecting .NET components across multiple Linux distributions. The provided documents do not specify exact affected versions, vulnerable component details, exploit methods, or remediation steps.
CVE-2025-62214
CVE-2025-62214 is a Visual Studio remote code execution vulnerability stemming from improper neutralization of special elements in a command, enabling локally authenticated code execution. According to the CVE records, the issue affects Visual Studio and is assigned CVSS 3.1: Local, High impact o...
CVE-2026-47305
Technical details such as affected products, component versions, root cause, and mitigation are not publicly available in the provided documents. Monitor for updates from MSRC and NCSC advisories.