Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftVisual Studio

10 matches found

CVE
CVEadded 2012/03/13 9:55 p.m.152 views

CVE-2012-0008

Untrusted search path vulnerability in Microsoft Visual Studio 2008 SP1, 2010, and 2010 SP1 allows local users to gain privileges via a Trojan horse add-in in an unspecified directory, aka "Visual Studio Add-In Vulnerability."

6.9CVSS6.4AI score0.0294EPSS
CVE
CVEadded 2019/07/15 7:15 p.m.141 views

CVE-2019-1077

An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'.

6.6CVSS6.6AI score0.00959EPSS
CVE
CVEadded 2019/04/09 2:29 a.m.134 views

CVE-2019-0757

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.

6.5CVSS6.1AI score0.08184EPSS
CVE
CVEadded 2019/07/15 7:15 p.m.124 views

CVE-2019-1079

An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files, aka 'Visual Studio Information Disclosure Vulnerability'.

6.5CVSS6.7AI score0.25343EPSS
CVE
CVEadded 2014/05/20 11:55 p.m.82 views

CVE-2014-3802

msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (...

6.8CVSS7.9AI score0.1121EPSS
CVE
CVEadded 2019/12/10 10:15 p.m.64 views

CVE-2019-1486

A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host, aka 'Visual Studio Live Share Spoofing Vulnerability'.

6.1CVSS7.2AI score0.00292EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.62 views

CVE-2019-1425

An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'.

6.5CVSS6.4AI score0.07507EPSS
CVE
CVEadded 2007/08/08 11:17 p.m.46 views

CVE-2007-4254

Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-...

6.8CVSS8AI score0.42713EPSS
CVE
CVEadded 2007/01/24 1:28 a.m.40 views

CVE-2007-0468

Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.

6.8CVSS7.9AI score0.34544EPSS
CVE
CVEadded 2007/09/14 1:17 a.m.39 views

CVE-2007-4891

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other i...

6.8CVSS7.2AI score0.57927EPSS