Lucene search
K
MicrosoftVisual Studio Code-

14 matches found

CVE
CVE
added 2022/04/15 7:6 p.m.257 views

CVE-2022-26921

CVE-2022-26921 is a Local Privilege Escalation affecting Visual Studio Code. According to the CVE data, the vulnerability supports local attack vector, requires LOW privileges, and does not require user interaction (UI: NONE). The impact is described as high for confidentiality, integrity, and av...

7.8CVSS7.4AI score0.0057EPSS
CVE
CVE
added 2022/02/09 4:36 p.m.237 views

CVE-2022-21991

CVE-2022-21991 is a remote code execution vulnerability in the Visual Studio Code Remote Development Extension. The provided documents confirm an RCE impact (high severity, CVSS v3.1 base 8.1) with network-based access and no user interaction, but do not specify affected product versions or explo...

8.1CVSS8.3AI score0.02075EPSS
CVE
CVE
added 2020/10/16 10:18 p.m.168 views

CVE-2020-16977

CVE-2020-16977 describes a remote code execution vulnerability in Visual Studio Code arising when the Python extension loads a Jupyter notebook file. An attacker who can entice a user to open a specially crafted notebook could run arbitrary code in the user’s context, potentially gaining full sys...

9.3CVSS8AI score0.03104EPSS
CVE
CVE
added 2021/02/25 11:1 p.m.164 views

CVE-2021-1639

CVE-2021-1639 appears as a Visual Studio Code remote code execution vulnerability. Connected sources confirm Visual Studio Code is affected and note public exploits exist (Kaspersky). The documents provide high-severity impact for this CVE but do not consistently expose concrete root-cause detail...

7.8CVSS7AI score0.01978EPSS
CVE
CVE
added 2022/09/13 6:42 p.m.139 views

CVE-2022-38020

CVE-2022-38020 affects Visual Studio Code. The connected Nessus entry confirms a privilege-escalation vulnerability in VS Code versions prior to 1.17.1. An authenticated, local attacker can exploit this to elevate privileges to those of another user on the affected system. The plugin text notes a...

7.3CVSS7.4AI score0.00936EPSS
CVE
CVE
added 2020/10/16 10:18 p.m.116 views

CVE-2020-17023

CVE-2020-17023 — Visual Studio Code remote code execution Affected product: Visual Studio Code. Vulnerability: A remote code execution flaw occurs when a user is tricked into opening a malicious package.json; attacker-supplied code runs in the context of the current user. Exploitation requires co...

9.3CVSS8.5AI score0.04243EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.111 views

CVE-2022-41042

CVE-2022-41042 is a Visual Studio Code information disclosure vulnerability. The CVE entry concerns Visual Studio Code and related tooling; the vulnerability is described as information disclosure with a CVSSv3.1 base score of 7.4 (HIGH), requiring user interaction and with network attack vector ...

7.4CVSS7.4AI score0.01922EPSS
CVE
CVE
added 2024/10/08 5:36 p.m.108 views

CVE-2024-43488

CVE-2024-43488 affects the Visual Studio Code extension for Arduino. The vulnerability is a missing authentication in a critical function, enabling remote code execution over a network attack vector. Impact per sources is arbitrary code execution with high/critical severity. Affected component is...

9.8CVSS9.8AI score0.01132EPSS
CVE
CVE
added 2021/09/15 11:23 a.m.105 views

CVE-2021-26437

CVE-2021-26437 concerns a spoofing vulnerability in Microsoft Visual Studio Code. The available documents describe a UI spoofing issue in VS Code with a local attack vector, requiring user interaction, and separate risk details. A remediation referenced by a Nessus plugin indicates updating to Vi...

5.5CVSS5.8AI score0.02013EPSS
CVE
CVE
added 2021/03/11 3:49 p.m.98 views

CVE-2021-27060

CVE-2021-27060 is a reported vulnerability in Microsoft Visual Studio Code described as a remote code execution issue related to Visual Studio Code. The connected sources identify this as an arbitrary code execution vulnerability in VS Code, exploitable by convincing a user to open specially craf...

7.8CVSS7.8AI score0.02911EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.97 views

CVE-2020-17104

CVE-2020-17104 concerns Visual Studio Code JSHint Extension. Root cause per PT-2020-4828: insufficient input validation in the Visual Studio Code editor, enabling a remote attacker to execute arbitrary code via a specially crafted file. The connected document does not specify affected versions or...

9.3CVSS7.9AI score0.03551EPSS
CVE
CVE
added 2021/12/15 2:15 p.m.89 views

CVE-2021-43908

CVE-2021-43908 affects Visual Studio Code and is described as a spoofing vulnerability. Connected documents reference an exploit repository (githubexploit: Sudistark/vscode-rce-electrovolt) and related advisories, but the provided materials do not include concrete technical details such as vulner...

4.3CVSS5AI score0.02691EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.85 views

CVE-2019-0728

CVE-2019-0728 describes a remote code execution vulnerability in Visual Studio Code: if the editor processes environment variables when a project is opened, an attacker could run arbitrary code in the current user context. Exploitation requires user action to clone a repository and open it in VS ...

9.3CVSS8.1AI score0.27705EPSS
CVE
CVE
added 2018/06/26 2:0 p.m.59 views

CVE-2018-0597

CVE-2018-0597 is an untrusted search path vulnerability in the Visual Studio Code installer. A malicious DLL located in the same directory as the installer can be loaded, enabling arbitrary code execution with the privileges of the invoking user. Affected component: the VS Code installer; root ca...

7.8CVSS7.7AI score0.0513EPSS