Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftVisual Studio

91 matches found

cve
cveadded 2022/08/09 8:15 p.m.111 views

CVE-2022-35826

Visual Studio Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.02005EPSS
cve
cveadded 2020/05/21 11:15 p.m.110 views

CVE-2020-1161

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

7.5CVSS7.3AI score0.03721EPSS
cve
cveadded 2021/01/12 8:15 p.m.110 views

CVE-2021-1651

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00462EPSS
cve
cveadded 2021/04/13 8:15 p.m.109 views

CVE-2021-28321

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01106EPSS
cve
cveadded 2020/03/12 4:15 p.m.108 views

CVE-2020-0810

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system.An attacker could then run a specially cr...

7.8CVSS8.6AI score0.00404EPSS
cve
cveadded 2020/07/14 11:15 p.m.106 views

CVE-2020-1393

An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.

7.8CVSS8AI score0.00709EPSS
cve
cveadded 2009/10/14 10:30 a.m.105 views

CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP...

9.3CVSS9.7AI score0.42403EPSS
cve
cveadded 2011/08/10 9:55 p.m.105 views

CVE-2011-1976

Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability."

4.3CVSS5AI score0.7901EPSS
cve
cveadded 2021/01/12 8:15 p.m.103 views

CVE-2021-1680

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00347EPSS
cve
cveadded 2021/04/13 8:15 p.m.103 views

CVE-2021-28313

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00674EPSS
cve
cveadded 2020/09/11 5:15 p.m.102 views

CVE-2020-16874

<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an a...

9.3CVSS7.9AI score0.10178EPSS
cve
cveadded 2021/04/13 8:15 p.m.100 views

CVE-2021-28322

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00686EPSS
cve
cveadded 2009/10/14 10:30 a.m.97 views

CVE-2009-2502

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E...

9.3CVSS9.7AI score0.42434EPSS
cve
cveadded 2019/04/09 3:29 a.m.97 views

CVE-2019-0809

A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS7.3AI score0.15092EPSS
cve
cveadded 2020/06/09 8:15 p.m.95 views

CVE-2020-1257

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.

7.8CVSS8.1AI score0.00694EPSS
cve
cveadded 2020/06/09 8:15 p.m.95 views

CVE-2020-1293

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1278.

7.8CVSS8.1AI score0.00694EPSS
cve
cveadded 2020/06/09 8:15 p.m.94 views

CVE-2020-1203

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1202.

7.8CVSS8AI score0.00744EPSS
cve
cveadded 2024/10/08 6:15 p.m.93 views

CVE-2024-43603

Visual Studio Collector Service Denial of Service Vulnerability

5.5CVSS5.7AI score0.00166EPSS
cve
cveadded 2018/04/12 1:29 a.m.87 views

CVE-2018-1037

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

4.3CVSS3.9AI score0.06421EPSS
cve
cveadded 2020/03/12 4:15 p.m.85 views

CVE-2020-0793

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00377EPSS
cve
cveadded 2020/06/09 8:15 p.m.85 views

CVE-2020-1278

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293.

7.8CVSS8.1AI score0.00694EPSS
cve
cveadded 2009/10/14 10:30 a.m.83 views

CVE-2009-2503

GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Of...

9.3CVSS9.6AI score0.41156EPSS
cve
cveadded 2014/05/20 11:55 p.m.82 views

CVE-2014-3802

msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (...

6.8CVSS7.9AI score0.1121EPSS
cve
cveadded 2020/04/15 3:15 p.m.82 views

CVE-2020-0899

An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.

5.5CVSS6.8AI score0.0034EPSS
cve
cveadded 2009/10/14 10:30 a.m.81 views

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project...

9.3CVSS9.7AI score0.46054EPSS
cve
cveadded 2020/03/12 4:15 p.m.76 views

CVE-2020-0789

A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service Vulnerability'.

7.1CVSS6.9AI score0.00304EPSS
cve
cveadded 2018/07/11 12:29 a.m.75 views

CVE-2018-8232

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka "Microsoft Macro Assembler Tampering Vulnerability." This affects Microsoft Visual Studio.

7.8CVSS7.5AI score0.00289EPSS
cve
cveadded 2020/03/12 4:15 p.m.70 views

CVE-2020-0884

A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'.

4.3CVSS4.9AI score0.02187EPSS
cve
cveadded 2020/04/15 3:15 p.m.70 views

CVE-2020-0900

An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'.

5.5CVSS6.8AI score0.00449EPSS
cve
cveadded 2008/08/18 7:41 p.m.64 views

CVE-2008-3704

Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to ...

9.3CVSS7.7AI score0.81776EPSS
cve
cveadded 2019/12/10 10:15 p.m.64 views

CVE-2019-1486

A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'.

6.1CVSS7.2AI score0.00292EPSS
cve
cveadded 2019/11/12 7:15 p.m.62 views

CVE-2019-1425

An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'.

6.5CVSS6.4AI score0.07507EPSS
cve
cveadded 2000/03/22 5:0 a.m.50 views

CVE-2000-0162

The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.

5.1CVSS6.8AI score0.01479EPSS
cve
cveadded 2006/03/07 11:2 a.m.49 views

CVE-2006-1043

Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).

5.1CVSS7.7AI score0.65612EPSS
cve
cveadded 2007/08/08 11:17 p.m.46 views

CVE-2007-4254

Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-...

6.8CVSS8AI score0.42713EPSS
cve
cveadded 2001/05/07 4:0 a.m.45 views

CVE-2001-0153

Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.

7.5CVSS7.7AI score0.02042EPSS
cve
cveadded 2007/09/14 1:17 a.m.44 views

CVE-2007-4890

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

5.8CVSS6.6AI score0.2651EPSS
cve
cveadded 2006/08/31 10:4 p.m.41 views

CVE-2006-4494

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, a...

7.5CVSS8AI score0.52482EPSS
cve
cveadded 2007/01/24 1:28 a.m.40 views

CVE-2007-0468

Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.

6.8CVSS7.9AI score0.34544EPSS
cve
cveadded 2007/09/14 1:17 a.m.39 views

CVE-2007-4891

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other i...

6.8CVSS7.2AI score0.57927EPSS
cve
cveadded 2025/07/08 5:16 p.m.17 views

CVE-2025-49739

Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.

8.8CVSS6.5AI score0.00049EPSS
Total number of security vulnerabilities91