Lucene search
K
MicrosoftVisual Studio2015

31 matches found

CVE
CVE
added 2022/08/09 8:12 p.m.266 views

CVE-2022-35827

CVE-2022-35827 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio releases (e.g., 2012 Update 5, 2013 Update 5, 2015 Update 3) via the VSGraphics component. Microsoft update pages (KB5016314/KB5016315/KB5016316) describe security updates with specific hotfix f...

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2023/06/14 2:52 p.m.266 views

CVE-2023-24897

CVE-2023-24897 covers a .NET/.NET Framework/Visual Studio Remote Code Execution vulnerability. Public advisories attribute the flaw to the MSDIA SDK (causing heap overflow due to corrupted PDBs) and enable RCE under certain conditions. Affected products include .NET 6/7 runtimes and corresponding...

7.8CVSS7.9AI score0.01184EPSS
CVE
CVE
added 2024/01/09 5:57 p.m.248 views

CVE-2024-20656

CVE-2024-20656 is a Microsoft Visual Studio elevation-of-privilege vulnerability. Public sources indicate it stems from how Diagnostics Hub Standard Collector handles data operations, enabling a local attacker to gain SYSTEM privileges when exploiting Visual Studio components. The vulnerability i...

7.8CVSS7.6AI score0.03913EPSS
CVE
CVE
added 2021/11/10 12:47 a.m.192 views

CVE-2021-42277

Technical details about CVE-2021-42277 are not provided in the connected documents; only generic vulnerability labels and references are available. Monitor for official advisories or CVE records for affected products, fixes, and mitigations.

7.8CVSS6.5AI score0.00792EPSS
CVE
CVE
added 2022/08/09 7:59 p.m.177 views

CVE-2022-35777

CVE-2022-35777 is a Visual Studio remote code execution vulnerability affecting the VSGraphics component. Connected sources (KB/MSRC/NVD) identify it as a Fbx File parser Heap overflow vulnerability within Visual Studio product lines, with references listing affected versions (including VS 2012 U...

8.8CVSS8.8AI score0.0168EPSS
CVE
CVE
added 2021/01/12 7:42 p.m.170 views

CVE-2021-1651

Technical details about CVE-2021-1651 are not provided in the supplied documents; only the vulnerability is named. Monitor for updates from official advisories.

7.8CVSS8.1AI score0.0081EPSS
CVE
CVE
added 2019/05/16 6:17 p.m.167 views

CVE-2019-0727

CVE-2019-0727 describes an elevation-of-privilege flaw in the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector, allowing an attacker who can log on to delete files in arbitrary locations. The vulnerability is rooted in the collectors’ handling of file deletion permissio...

7.8CVSS7.3AI score0.01049EPSS
CVE
CVE
added 2023/06/13 11:25 p.m.153 views

CVE-2023-33139

CVE-2023-33139 describes an Information Disclosure vulnerability in Microsoft Visual Studio, tied to the VSGraphics component. Public disclosures indicate affected VS versions range from Visual Studio 2013 Update 5 through newer updates, with MSKB entries (KB5026454/KB5026455) outlining hotfixes ...

5.5CVSS5.5AI score0.00824EPSS
CVE
CVE
added 2022/08/09 8:12 p.m.151 views

CVE-2022-35826

CVE-2022-35826 is a Visual Studio remote code execution vulnerability affecting multiple Visual Studio versions through the VSGraphics component, with Microsoft’s August 2022 updates addressing CVE-2022-35826 alongside related CVEs (e.g., 35825, 35777, 35827). The Microsoft advisories describe an...

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2019/09/11 9:24 p.m.150 views

CVE-2019-1232

CVE-2019-1232 is a local elevation-of-privilege flaw in the Diagnostics Hub Standard Collector Service. Affected: Diagnostics Hub Standard Collector Service; root cause: improper impersonation of certain file operations. Impact per sources: confidentiality, integrity, and availability are rated p...

7.8CVSS8AI score0.00834EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.149 views

CVE-2020-16856

CVE-2020-16856 is a Visual Studio remote code execution vulnerability. The issue arises from how Visual Studio handles objects in memory, enabling an attacker to run arbitrary code in the context of the current user. If the user runs Visual Studio with administrative rights, the attacker could ta...

9.3CVSS8.8AI score0.04369EPSS
CVE
CVE
added 2018/07/11 12:0 a.m.148 views

CVE-2018-8172

The CVE-2018-8172 entry pertains to a remote code execution vulnerability in Visual Studio family (including Visual Studio and Expression Blend) where the product fails to validate the source markup of an unbuilt project file. Root cause: improper handling of source markup in unbuilt files leadin...

9.3CVSS7.9AI score0.31016EPSS
CVE
CVE
added 2019/07/15 6:56 p.m.142 views

CVE-2019-1079

CVE-2019-1079 affects Microsoft Visual Studio. The vulnerability arises when Visual Studio improperly parses XML input in certain settings files, enabling an XML external entity (XXE) for information disclosure. An attacker who can entice an authenticated user to open a crafted XML file could rea...

6.5CVSS6.7AI score0.06124EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.140 views

CVE-2020-1133

Technical details about CVE-2020-1133 are not publicly provided in the connected documents. Available sources mention Diagnostics Hub Standard Collector and the fix, but no affected versions, exploit specifics, or mitigation steps are given. Monitor for updates.

7.8CVSS6.5AI score0.00978EPSS
CVE
CVE
added 2020/09/11 5:9 p.m.137 views

CVE-2020-1130

CVE-2020-1130 affects the Diagnostics Hub Standard Collector. The issue is an elevation of privilege in the collector’s data handling, enabling a crafted local application to run processes in an elevated context. The vulnerability is addressed by updating how the Diagnostics Hub Standard Collecto...

7.8CVSS7AI score0.00777EPSS
CVE
CVE
added 2022/08/09 8:12 p.m.136 views

CVE-2022-35825

Technical details about CVE-2022-35825 are not publicly provided in the supplied documents. No explicit affected product version, root cause, or remediation is described here. Monitor for official updates from Microsoft and security advisories.

8.8CVSS8.8AI score0.01779EPSS
CVE
CVE
added 2018/12/12 12:0 a.m.135 views

CVE-2018-8599

CVE-2018-8599 is the Diagnostics Hub Standard Collector Service Elevation of Privilege vulnerability. The NVD entry states a local attacker could exploit improper impersonation of certain file operations to gain privileges on affected Microsoft software, including Visual Studio, Windows Server 20...

7.8CVSS8.4AI score0.0099EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.132 views

CVE-2020-1202

CVE-2020-1202 affects Diagnostics Hub Standard Collector or Visual Studio Standard Collector. Root cause: improper handling of memory objects leading to elevation of privilege. Impact: local elevation of privileges if exploited; CVSS data in the Initial document indicates HIGH severity. Exploitat...

7.8CVSS8AI score0.00889EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.131 views

CVE-2021-28321

CVE-2021-28321 is a elevation-of-privilege issue in the Diagnostics Hub Standard Collector Service. The NVD entry lists a local, low-attack‑complexity vector with no authentication, achieving high impact on confidentiality, integrity, and availability (CVSS‑3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:...

7.8CVSS7.8AI score0.01281EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.130 views

CVE-2020-16874

CVE-2020-16874 is a Visual Studio remote code execution vulnerability caused by improper handling of objects in memory. Exploitation requires a user to open a specially crafted file, potentially allowing arbitrary code execution in the current user context with Administrative rights. Microsoft an...

9.3CVSS8.9AI score0.04285EPSS
CVE
CVE
added 2020/07/14 10:54 p.m.127 views

CVE-2020-1393

Summary: CVE-2020-1393 is an elevation of privilege in Windows Diagnostics Hub related to the Standard Collector Service failing to sanitize input, causing insecure library loading. The root cause is input validation/sanitization weaknesses leading to loading of untrusted libraries. This CVE is r...

7.8CVSS8AI score0.00919EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.123 views

CVE-2021-28313

Technical details about CVE-2021-28313 are not publicly provided in the supplied documents. Monitor for updates from NVD, MSRC, and vendor advisories for affected components and fixes.

7.8CVSS7.7AI score0.01039EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.119 views

CVE-2018-1037

CVE-2018-1037 affects Microsoft Visual Studio family. The vulnerability is an information disclosure caused by improper handling of uninitialized memory when compiling Program Database (PDB) files, allowing disclosure of limited memory contents. The NVD entry lists CVSSv3 base score 4.3 (Medium),...

4.3CVSS3.9AI score0.05881EPSS
CVE
CVE
added 2021/01/12 7:42 p.m.119 views

CVE-2021-1680

Technical details about CVE-2021-1680 are not publicly available in the provided connected documents. Monitor for updates for affected product, root cause, impact, and remediation information.

7.8CVSS8.1AI score0.00714EPSS
CVE
CVE
added 2021/04/13 7:32 p.m.119 views

CVE-2021-28322

Technical details about CVE-2021-28322 are not publicly provided in the supplied documents. No affected products, exploit information, or fixes are described here. Monitor for updates from the referenced advisories and vulnerability feeds.

7.8CVSS7.8AI score0.01039EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.118 views

CVE-2020-1257

Technical details about CVE-2020-1257 are not provided in the connected documents. Public aliases, affected components, impact or fixes are not specified here; monitor for authoritative updates.

7.8CVSS8.1AI score0.00785EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.117 views

CVE-2020-1203

CVE-2020-1203 is an elevation of privilege affecting the Diagnostics Hub Standard Collector and the Visual Studio Standard Collector, caused by improper handling of memory in affected objects. The description notes this CVE is distinct from CVE-2020-1202 and does not provide explicit affected ver...

7.8CVSS8AI score0.00889EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.117 views

CVE-2020-1293

CVE-2020-1293 is an Elevation of Privilege vulnerability in Diagnostics Hub Standard Collector Service where file operations are mishandled. The connected AVLeonarov item places CVE-2020-1293 under Diagnostics Hub Standard Collector EOP and lists it alongside CVE-2020-1257 and CVE-2020-1278, but ...

7.8CVSS8.1AI score0.00785EPSS
CVE
CVE
added 2024/10/08 5:36 p.m.116 views

CVE-2024-43603

CVE-2024-43603 is a Denial of Service vulnerability in the Visual Studio Diagnostics Hub Standard Collector (Visual Studio Collector Service). The MS security update description confirms a DoS in Diagnostics Hub Standard Collector when handling certain file operations. Remediations are provided v...

5.5CVSS5.7AI score0.00761EPSS
CVE
CVE
added 2020/06/09 7:43 p.m.108 views

CVE-2020-1278

CVE-2020-1278 relates to an elevation of privilege in the Diagnostics Hub Standard Collector Service due to improper file operations. The vulnerability enables local privilege elevation, as the service handles files in a way that can be exploited by an authenticated attacker with access to the sy...

7.8CVSS8.1AI score0.00785EPSS
CVE
CVE
added 2025/07/08 4:58 p.m.79 views

CVE-2025-49739

CVE-2025-49739: Visual Studio elevation of privilege due to improper link resolution before file access ("link following"). The issue could allow a network-access attacker to elevate privileges on a affected machine. Connected sources indicate this CVE has public exploits (per Kaspersky entry in ...

8.8CVSS6.5AI score0.00771EPSS