Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Visual Studio
Total 57 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4254 1 Microsoft 2 Visual Database Tools Database Designer, Visual Studio 2025-04-09 6.8 MEDIUM N/A
Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127.
CVE-2009-2495 1 Microsoft 3 Visual C\+\+, Visual Studio, Visual Studio .net 2025-04-09 7.8 HIGH N/A
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability."
CVE-2001-0153 1 Microsoft 2 Visual Basic, Visual Studio 2025-04-03 7.5 HIGH N/A
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
CVE-2000-0162 1 Microsoft 3 Ie, Internet Explorer, Visual Studio 2025-04-03 5.1 MEDIUM N/A
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2006-4494 1 Microsoft 1 Visual Studio 2025-04-03 7.5 HIGH N/A
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.
CVE-2006-1043 1 Microsoft 2 Visual Interdev, Visual Studio 2025-04-03 5.1 MEDIUM N/A
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
CVE-2024-20656 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 7.8 HIGH
Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33139 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 5.5 MEDIUM
Visual Studio Information Disclosure Vulnerability
CVE-2023-24897 1 Microsoft 18 .net, .net Framework, Visual Studio and 15 more 2024-11-21 N/A 7.8 HIGH
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2022-35827 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 8.8 HIGH
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 8.8 HIGH
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35825 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 8.8 HIGH
Visual Studio Remote Code Execution Vulnerability
CVE-2021-42277 1 Microsoft 8 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 5 more 2024-11-21 4.6 MEDIUM 5.5 MEDIUM
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-3146 2 Dolby, Microsoft 5 Audio X2, Exchange Server, Visual C\+\+ and 2 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.
CVE-2021-28322 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28321 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28313 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-1680 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-1651 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 7.2 HIGH 7.8 HIGH
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2020-1393 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.