Lucene search
K
MicrosoftVisual Studio2012

11 matches found

CVE
CVE
added 2022/08/09 8:12 p.m.265 views

CVE-2022-35827

CVE-2022-35827 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio releases (e.g., 2012 Update 5, 2013 Update 5, 2015 Update 3) via the VSGraphics component. Microsoft update pages (KB5016314/KB5016315/KB5016316) describe security updates with specific hotfix f...

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2022/08/09 7:59 p.m.172 views

CVE-2022-35777

CVE-2022-35777 is a Visual Studio remote code execution vulnerability affecting the VSGraphics component. Connected sources (KB/MSRC/NVD) identify it as a Fbx File parser Heap overflow vulnerability within Visual Studio product lines, with references listing affected versions (including VS 2012 U...

8.8CVSS8.8AI score0.0168EPSS
CVE
CVE
added 2022/08/09 8:12 p.m.150 views

CVE-2022-35826

CVE-2022-35826 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio versions through the VSGraphics component, with Microsoft’s August 2022 updates addressing CVE-2022-35826 alongside related CVEs (e.g., 35825, 35777, 35827). The Microsoft advisories describe an...

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.147 views

CVE-2020-16856

CVE-2020-16856 is a Visual Studio remote code execution vulnerability. The issue arises from how Visual Studio handles objects in memory, enabling an attacker to run arbitrary code in the context of the current user. If the user runs Visual Studio with administrative rights, the attacker could ta...

9.3CVSS8.8AI score0.04369EPSS
CVE
CVE
added 2018/07/11 12:0 a.m.146 views

CVE-2018-8172

The CVE-2018-8172 entry pertains to a remote code execution vulnerability in Visual Studio family (including Visual Studio and Expression Blend) where the product fails to validate the source markup of an unbuilt project file. Root cause: improper handling of source markup in unbuilt files leadin...

9.3CVSS7.9AI score0.31016EPSS
CVE
CVE
added 2019/07/15 6:56 p.m.142 views

CVE-2019-1079

CVE-2019-1079 affects Microsoft Visual Studio. The vulnerability arises when Visual Studio improperly parses XML input in certain settings files, enabling an XML external entity (XXE) for information disclosure. An attacker who can entice an authenticated user to open a crafted XML file could rea...

6.5CVSS6.7AI score0.06124EPSS
CVE
CVE
added 2019/01/08 9:0 p.m.141 views

CVE-2019-0537

CVE-2019-0537 is an information disclosure vulnerability in Microsoft Visual Studio. The vulnerability arises when a user opens a malicious .vscontent file, which could allow an attacker to view arbitrary file contents on the victim’s machine. The NVD entry lists a CVSS v2 base score of 4.3 (MEDI...

5.5CVSS5.1AI score0.07614EPSS
CVE
CVE
added 2022/08/09 8:12 p.m.135 views

CVE-2022-35825

Technical details about CVE-2022-35825 are not publicly provided in the supplied documents. No explicit affected product version, root cause, or remediation is described here. Monitor for official updates from Microsoft and security advisories.

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.128 views

CVE-2020-16874

CVE-2020-16874 is a Visual Studio remote code execution vulnerability caused by improper handling of objects in memory. Exploitation requires a user to open a specially crafted file, potentially allowing arbitrary code execution in the current user context with Administrative rights. Microsoft an...

9.3CVSS8.9AI score0.04285EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.116 views

CVE-2018-1037

CVE-2018-1037 affects Microsoft Visual Studio family. The vulnerability is an information disclosure caused by improper handling of uninitialized memory when compiling Program Database (PDB) files, allowing disclosure of limited memory contents. The NVD entry lists CVSSv3 base score 4.3 (Medium),...

4.3CVSS3.9AI score0.05881EPSS
CVE
CVE
added 2014/05/20 11:0 p.m.110 views

CVE-2014-3802

The CVE-2014-3802 issue affects msdia.dll (Microsoft Debug Interface Access Library) in Visual Studio prior to 2013. The root cause is a failure to validate an unspecified variable when calculating a dynamic-call address while parsing PDB files, leading to memory corruption. Impact per sources: r...

6.8CVSS7.9AI score0.10926EPSS