Search
Search Results (305 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26631 | 1 Microsoft | 1 Visual Studio Code | 2026-02-13 | 7.3 High |
| Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-25003 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2026-02-13 | 7.3 High |
| Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24998 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2026-02-13 | 7.3 High |
| Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24070 | 2 Microsoft, Redhat | 4 Asp.net Core, Visual Studio 2022, Enterprise Linux and 1 more | 2026-02-13 | 7 High |
| Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-26682 | 1 Microsoft | 2 Asp.net Core, Visual Studio 2022 | 2026-02-13 | 7.5 High |
| Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2025-29804 | 1 Microsoft | 1 Visual Studio 2022 | 2026-02-13 | 7.3 High |
| Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-29802 | 1 Microsoft | 1 Visual Studio 2022 | 2026-02-13 | 7.3 High |
| Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-29803 | 1 Microsoft | 7 .vsta Sdk, Sql Server Management Studio, Visual Studio Tools For Applications and 4 more | 2026-02-13 | 7.3 High |
| Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21264 | 1 Microsoft | 2 Visual Studio Code, Visual Studio Code Copilot Chat Extension | 2026-02-13 | 7.1 High |
| Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-32703 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2026-02-13 | 5.5 Medium |
| Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally. | ||||
| CVE-2024-35264 | 2 Microsoft, Redhat | 4 .net, Visual Studio, Visual Studio 2022 and 1 more | 2026-02-10 | 8.1 High |
| .NET and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2025-68120 | 2 Go, Microsoft | 2 Go, Visual Studio Code | 2026-01-06 | 5.4 Medium |
| To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode. | ||||
| CVE-2024-30052 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-12-17 | 4.7 Medium |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2024-29060 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-12-17 | 6.7 Medium |
| Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2024-30105 | 2 Microsoft, Redhat | 5 .net, Powershell, Visual Studio and 2 more | 2025-12-09 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2024-38095 | 2 Microsoft, Redhat | 5 .net, Powershell, Visual Studio and 2 more | 2025-12-09 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2024-38081 | 1 Microsoft | 17 .net, .net Framework, Visual Studio and 14 more | 2025-12-09 | 7.3 High |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2024-35272 | 1 Microsoft | 8 Sql Server, Sql Server 2016, Sql Server 2017 and 5 more | 2025-12-09 | 8.8 High |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | ||||
| CVE-2022-24526 | 1 Microsoft | 1 Visual Studio Code | 2025-12-09 | 6.1 Medium |
| Visual Studio Code Spoofing Vulnerability | ||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 367 Http Server, Opensearch Data Prepper, Apisix and 364 more | 2025-11-07 | 7.5 High |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | ||||