📦 Visual Studio Code
by Microsoft
🔍 What is Visual Studio Code?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A time-of-check time-of-use race condition vulnerability in GitHub Copilot and Visual Studio allows authenticated attackers to execute arbitrary code remotely via network exploitation. This affects us...
This vulnerability allows an authorized attacker to execute arbitrary code remotely on systems running vulnerable versions of GitHub Copilot and Visual Studio Code. Attackers can exploit improper acce...
This vulnerability allows remote command injection in Agentic AI and Visual Studio Code, enabling unauthorized attackers to execute arbitrary code over a network. It affects systems running vulnerable...
This vulnerability in Visual Studio Code allows an authorized attacker to execute arbitrary code with elevated privileges by exploiting an uncontrolled search path element. It affects users who have l...
This vulnerability in Visual Studio Code's JS Debug Extension allows attackers to escalate privileges when debugging JavaScript applications. It affects developers using VS Code with the JS Debug exte...
This CVE describes an elevation of privilege vulnerability in Visual Studio Code where an attacker could execute arbitrary code with higher privileges than intended. It affects users running Visual St...
This vulnerability allows remote code execution in Visual Studio Code on Linux systems. Attackers can execute arbitrary code by exploiting improper neutralization of special elements used in a command...
This vulnerability in Visual Studio Code allows remote code execution when a user opens a maliciously crafted file or project. It affects users who open untrusted files in Visual Studio Code, potentia...
CVE-2023-24893 is a remote code execution vulnerability in Visual Studio Code that allows attackers to execute arbitrary code on a user's system by tricking them into opening a malicious workspace fil...
This vulnerability allows remote code execution in Visual Studio Code through argument injection in the 'code' command-line tool. Attackers can craft malicious arguments that execute arbitrary command...
CVE-2022-26921 is an elevation of privilege vulnerability in Visual Studio Code that allows attackers to execute arbitrary code with higher privileges than intended. This affects users running Visual ...
This vulnerability allows remote code execution through Visual Studio Code's Remote Development extension. Attackers can execute arbitrary code on systems running vulnerable versions when users connec...
CVE-2021-43891 is a remote code execution vulnerability in Visual Studio Code that allows attackers to execute arbitrary code by tricking users into opening malicious workspace files. This affects use...
This vulnerability in Visual Studio Code allows remote code execution when a user opens a maliciously crafted file or project. It affects users who open untrusted files in Visual Studio Code, particul...
CVE-2021-34479 is a spoofing vulnerability in Microsoft Visual Studio that allows attackers to trick users into executing malicious code by presenting a deceptive UI. This affects developers and organ...
This vulnerability in Visual Studio Code allows remote code execution when a user opens a maliciously crafted file or workspace. It affects users who open untrusted files in Visual Studio Code, potent...
CVE-2021-31214 is a remote code execution vulnerability in Visual Studio Code that allows attackers to execute arbitrary code on a user's system by tricking them into opening a malicious workspace fil...
This vulnerability in the Visual Studio Code Remote Development extension allows attackers to execute arbitrary code on a developer's machine when they connect to a malicious remote endpoint. It affec...
This vulnerability in Visual Studio Code allows remote code execution when a user opens a maliciously crafted file or workspace. Attackers can exploit this to execute arbitrary code on the victim's sy...
CVE-2021-28477 is a remote code execution vulnerability in Visual Studio Code that allows attackers to execute arbitrary code on a user's system by tricking them into opening a malicious workspace fil...
This vulnerability in Visual Studio Code allows remote code execution when a user opens a maliciously crafted file or project. It affects users who open untrusted files in VS Code, potentially allowin...
This vulnerability in Visual Studio Code allows remote code execution when a user opens a maliciously crafted file or project. It affects users who open untrusted files in Visual Studio Code, potentia...
This CVE describes a remote code execution vulnerability in Visual Studio Code where opening a malicious package.json file allows arbitrary code execution. It affects Visual Studio Code users who open...
This is a remote code execution vulnerability in Visual Studio Code where opening a malicious 'package.json' file allows arbitrary code execution. It affects Visual Studio Code users who open untruste...
A remote code execution vulnerability in Visual Studio Code allows attackers to run arbitrary code when users open malicious repositories and use the integrated terminal. This affects all Visual Studi...
This vulnerability allows an authorized attacker to bypass local security features in GitHub Copilot and Visual Studio Code by exploiting improper validation of generative AI output. It affects users ...
This vulnerability in Visual Studio Code allows an authenticated local attacker to bypass access controls and gain elevated privileges on the system. It affects users running vulnerable versions of VS...