11 matches found
CVE-2022-35827
CVE-2022-35827 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio releases (e.g., 2012 Update 5, 2013 Update 5, 2015 Update 3) via the VSGraphics component. Microsoft update pages (KB5016314/KB5016315/KB5016316) describe security updates with specific hotfix f...
CVE-2022-35777
CVE-2022-35777 is a Visual Studio remote code execution vulnerability affecting the VSGraphics component. Connected sources (KB/MSRC/NVD) identify it as a Fbx File parser Heap overflow vulnerability within Visual Studio product lines, with references listing affected versions (including VS 2012 U...
CVE-2022-35826
CVE-2022-35826 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio versions through the VSGraphics component, with Microsoft’s August 2022 updates addressing CVE-2022-35826 alongside related CVEs (e.g., 35825, 35777, 35827). The Microsoft advisories describe an...
CVE-2020-16856
CVE-2020-16856 is a Visual Studio remote code execution vulnerability. The issue arises from how Visual Studio handles objects in memory, enabling an attacker to run arbitrary code in the context of the current user. If the user runs Visual Studio with administrative rights, the attacker could ta...
CVE-2018-8172
The CVE-2018-8172 entry pertains to a remote code execution vulnerability in Visual Studio family (including Visual Studio and Expression Blend) where the product fails to validate the source markup of an unbuilt project file. Root cause: improper handling of source markup in unbuilt files leadin...
CVE-2019-1079
CVE-2019-1079 affects Microsoft Visual Studio. The vulnerability arises when Visual Studio improperly parses XML input in certain settings files, enabling an XML external entity (XXE) for information disclosure. An attacker who can entice an authenticated user to open a crafted XML file could rea...
CVE-2019-0537
CVE-2019-0537 is an information disclosure vulnerability in Microsoft Visual Studio. The vulnerability arises when a user opens a malicious .vscontent file, which could allow an attacker to view arbitrary file contents on the victim’s machine. The NVD entry lists a CVSS v2 base score of 4.3 (MEDI...
CVE-2022-35825
Technical details about CVE-2022-35825 are not publicly provided in the supplied documents. No explicit affected product version, root cause, or remediation is described here. Monitor for official updates from Microsoft and security advisories.
CVE-2020-16874
CVE-2020-16874 is a Visual Studio remote code execution vulnerability caused by improper handling of objects in memory. Exploitation requires a user to open a specially crafted file, potentially allowing arbitrary code execution in the current user context with Administrative rights. Microsoft an...
CVE-2018-1037
CVE-2018-1037 affects Microsoft Visual Studio family. The vulnerability is an information disclosure caused by improper handling of uninitialized memory when compiling Program Database (PDB) files, allowing disclosure of limited memory contents. The NVD entry lists CVSSv3 base score 4.3 (Medium),...
CVE-2014-3802
The CVE-2014-3802 issue affects msdia.dll (Microsoft Debug Interface Access Library) in Visual Studio prior to 2013. The root cause is a failure to validate an unspecified variable when calculating a dynamic-call address while parsing PDB files, leading to memory corruption. Impact per sources: r...