Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Microsoft Subscribe
Filtered by product Visual Studio
Total 57 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2504 1 Microsoft 27 .net Framework, Excel Viewer, Expression Web and 24 more 2025-04-09 9.3 HIGH N/A
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability."
CVE-2007-0468 1 Microsoft 1 Visual Studio 2025-04-09 6.8 MEDIUM N/A
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.
CVE-2000-0162 1 Microsoft 3 Ie, Internet Explorer, Visual Studio 2025-04-03 5.1 MEDIUM N/A
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2006-4494 1 Microsoft 1 Visual Studio 2025-04-03 7.5 HIGH N/A
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.
CVE-2006-1043 1 Microsoft 2 Visual Interdev, Visual Studio 2025-04-03 5.1 MEDIUM N/A
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
CVE-2001-0153 1 Microsoft 2 Visual Basic, Visual Studio 2025-04-03 7.5 HIGH N/A
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
CVE-2024-20656 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 7.8 HIGH
Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33139 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 5.5 MEDIUM
Visual Studio Information Disclosure Vulnerability
CVE-2023-24897 1 Microsoft 18 .net, .net Framework, Visual Studio and 15 more 2024-11-21 N/A 7.8 HIGH
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2022-35827 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 8.8 HIGH
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 8.8 HIGH
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35825 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2024-11-21 N/A 8.8 HIGH
Visual Studio Remote Code Execution Vulnerability
CVE-2021-42277 1 Microsoft 8 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 5 more 2024-11-21 4.6 MEDIUM 5.5 MEDIUM
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-3146 2 Dolby, Microsoft 5 Audio X2, Exchange Server, Visual C\+\+ and 2 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.
CVE-2021-28322 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28321 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28313 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-1680 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-1651 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 7.2 HIGH 7.8 HIGH
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2020-1393 1 Microsoft 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.