📦 Visual Studio 2019
by Microsoft
🔍 What is Visual Studio 2019?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows an authorized attacker with local access to a system running Visual Studio to elevate their privileges beyond what they should have. It affects users of Microsoft Visual Stud...
This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in Visual Studio to execute arbitrary code with elevated privileges on the local system. It affects user...
This vulnerability allows an authorized attacker to exploit an uncontrolled search path element in Visual Studio to execute arbitrary code with elevated privileges. It affects users running vulnerable...
This vulnerability in Visual Studio Installer allows attackers to elevate privileges on Windows systems. An authenticated attacker could execute arbitrary code with SYSTEM privileges by exploiting imp...
This CVE describes a heap-based buffer overflow vulnerability in .NET and Visual Studio that could allow remote code execution. Attackers could exploit this by tricking users into opening specially cr...
This is a heap-based buffer overflow vulnerability in Visual Studio that allows remote code execution when processing specially crafted files. Attackers could exploit this to execute arbitrary code wi...
This vulnerability in Microsoft ODBC Driver for SQL Server allows remote attackers to execute arbitrary code by sending specially crafted requests to affected systems. It affects applications and serv...
This vulnerability in Microsoft ODBC Driver for SQL Server allows remote attackers to execute arbitrary code on affected systems by sending specially crafted requests. It affects applications using vu...
This vulnerability in Microsoft ODBC Driver for SQL Server allows remote attackers to execute arbitrary code on affected systems by sending specially crafted requests. It affects applications using vu...
This vulnerability in Microsoft ODBC Driver for SQL Server allows remote attackers to execute arbitrary code on affected systems by sending specially crafted requests. It affects applications using vu...
This vulnerability in Microsoft ODBC Driver for SQL Server allows remote attackers to execute arbitrary code on affected systems by sending specially crafted requests. It affects applications using vu...
This CVE describes an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to gain SYSTEM-level privileges on affected Windows systems. It affects users running vu...
This vulnerability in Visual Studio allows attackers to execute arbitrary code on a victim's system by tricking them into opening a specially crafted file. It affects developers and organizations usin...
This vulnerability allows remote code execution in Visual Studio when processing specially crafted files. Attackers could exploit this to run arbitrary code on affected systems. Users running vulnerab...
This vulnerability in Visual Studio Tools for Office Runtime allows attackers to spoof file paths, potentially tricking users into opening malicious files. It affects systems running vulnerable versio...
CVE-2023-21815 is a remote code execution vulnerability in Visual Studio that allows attackers to execute arbitrary code on affected systems. This affects developers and organizations using vulnerable...
CVE-2023-21566 is an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects developers and organizatio...
CVE-2022-29145 is a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. This affects systems running v...
CVE-2022-29117 is a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. This affects systems running v...
This CVE describes a denial of service vulnerability in .NET and Visual Studio where an attacker could cause affected applications to crash or become unresponsive. The vulnerability affects systems ru...
This vulnerability allows an attacker to elevate privileges on a system running Visual Studio. An authenticated attacker could exploit this to gain SYSTEM-level privileges, potentially taking full con...
This vulnerability allows attackers to perform DLL hijacking when the Git for Windows uninstaller runs under the SYSTEM user account. Attackers could execute arbitrary code with SYSTEM privileges by p...
CVE-2022-24464 is a denial of service vulnerability in .NET and Visual Studio that allows attackers to crash affected applications by sending specially crafted requests. This affects systems running v...
CVE-2022-21986 is a denial of service vulnerability in .NET Core and .NET 5/6 that allows attackers to crash applications by sending specially crafted requests. This affects web applications and servi...
CVE-2021-36952 is a remote code execution vulnerability in Visual Studio that allows attackers to execute arbitrary code by tricking a user into opening a specially crafted file. This affects develope...
This CVE describes an elevation of privilege vulnerability in Visual Studio where an attacker could exploit a flaw in the installer to gain SYSTEM privileges. It affects users running Visual Studio on...
CVE-2021-26423 is a denial-of-service vulnerability in .NET Core and Visual Studio where an attacker can cause the application to crash by sending specially crafted requests. This affects applications...
CVE-2021-31204 is an elevation of privilege vulnerability in .NET Core and Visual Studio that allows authenticated attackers to execute arbitrary code with higher privileges than intended. This affect...
CVE-2021-28313 is an elevation of privilege vulnerability in Microsoft's Diagnostics Hub Standard Collector Service. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges ...
CVE-2021-28321 is an elevation of privilege vulnerability in Microsoft's Diagnostics Hub Standard Collector Service. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges ...
This vulnerability allows an attacker to elevate privileges on a system by exploiting a flaw in the Visual Studio Installer. Attackers could gain SYSTEM-level access by tricking a user into running a ...
This is a remote code execution vulnerability in Visual Studio where improper memory handling allows attackers to run arbitrary code as the current user. Attackers must convince users to open a specia...
This is a remote code execution vulnerability in Visual Studio where improper memory handling allows attackers to run arbitrary code. Attackers must convince users to open specially crafted files, and...
CVE-2020-1597 is a denial of service vulnerability in ASP.NET Core where improperly handled web requests allow remote unauthenticated attackers to crash applications. This affects ASP.NET Core web app...
This is an elevation of privilege vulnerability in Git for Visual Studio where improper parsing of configuration files allows authenticated attackers to execute code as another local user. Attackers m...
This vulnerability in Visual Studio allows authenticated local attackers to bypass access controls and access sensitive information they shouldn't have permission to view. It affects users running vul...
This CVE describes an elevation of privilege vulnerability in Visual Studio that allows authenticated attackers to gain higher privileges than intended. It affects users running vulnerable versions of...
This is a local privilege escalation vulnerability in Microsoft's Diagnostics Hub Standard Collector component. An attacker with local access can exploit it to run arbitrary code with elevated system ...