📦 Visual Studio 2017

This vulnerability allows an authorized attacker with local access to a system running Visual Studio to elevate their privileges beyond what they should have. It affects users of Microsoft Visual Stud...

This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in Visual Studio to execute arbitrary code with elevated privileges. It affects users running vulnerable...

This vulnerability in Visual Studio Installer allows attackers to elevate privileges on Windows systems. An authenticated attacker could execute arbitrary code with SYSTEM privileges by exploiting imp...

This CVE describes a heap-based buffer overflow vulnerability in .NET and Visual Studio that could allow remote code execution. Attackers could exploit this by tricking users into opening specially cr...

This vulnerability allows remote code execution in .NET, .NET Framework, and Visual Studio applications through a buffer overflow condition (CWE-126). Attackers can exploit this to execute arbitrary c...

This is a heap-based buffer overflow vulnerability in Visual Studio that allows remote code execution when processing specially crafted files. Attackers could exploit this to execute arbitrary code wi...

This CVE describes an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to gain SYSTEM-level privileges on affected Windows systems. It affects users running vu...

This vulnerability in Visual Studio allows attackers to execute arbitrary code on a victim's system by tricking them into opening a specially crafted file. It affects developers and organizations usin...

This vulnerability allows remote code execution in Visual Studio when processing specially crafted files. Attackers could exploit this to run arbitrary code on affected systems. Users running vulnerab...

This vulnerability in Visual Studio Tools for Office Runtime allows attackers to spoof file paths, potentially tricking users into opening malicious files. It affects systems running vulnerable versio...

CVE-2023-21815 is a remote code execution vulnerability in Visual Studio that allows attackers to execute arbitrary code on affected systems. This affects developers and organizations using vulnerable...

CVE-2023-21566 is an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects developers and organizatio...

This vulnerability allows attackers to perform DLL hijacking when the Git for Windows uninstaller runs under the SYSTEM user account. Attackers could execute arbitrary code with SYSTEM privileges by p...

CVE-2021-36952 is a remote code execution vulnerability in Visual Studio that allows attackers to execute arbitrary code by tricking a user into opening a specially crafted file. This affects develope...

This CVE describes an elevation of privilege vulnerability in Visual Studio where an attacker could exploit a flaw in the installer to gain SYSTEM privileges. It affects users running Visual Studio on...

CVE-2021-26423 is a denial-of-service vulnerability in .NET Core and Visual Studio where an attacker can cause the application to crash by sending specially crafted requests. This affects applications...

CVE-2021-28313 is an elevation of privilege vulnerability in Microsoft's Diagnostics Hub Standard Collector Service. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges ...

CVE-2021-28321 is an elevation of privilege vulnerability in Microsoft's Diagnostics Hub Standard Collector Service. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges ...

This vulnerability allows an attacker to elevate privileges on a system by exploiting a flaw in the Visual Studio Installer. Attackers could gain SYSTEM-level access by tricking a user into running a ...

This is a remote code execution vulnerability in Visual Studio where improper memory handling allows attackers to run arbitrary code as the current user. Attackers must convince users to open a specia...

This is a remote code execution vulnerability in Visual Studio where improper memory handling allows attackers to run arbitrary code. Attackers must convince users to open specially crafted files, and...

CVE-2020-1597 is a denial of service vulnerability in ASP.NET Core where improperly handled web requests allow remote unauthenticated attackers to crash applications. This affects ASP.NET Core web app...

This is an elevation of privilege vulnerability in Git for Visual Studio where improper parsing of configuration files allows authenticated attackers to execute code as another local user. Attackers m...

This vulnerability in Visual Studio allows authenticated local attackers to bypass access controls and access sensitive information they shouldn't have permission to view. It affects users running vul...

This CVE describes an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to gain higher privileges than intended. It affects users running vulnerable versions of...

This is a local privilege escalation vulnerability in Microsoft's Diagnostics Hub Standard Collector component. An attacker with local access can exploit it to run arbitrary code with elevated system ...