Visual Studio CVEs and Security Vulnerabilities

Filtered by vendor Microsoft Subscriptions

Filtered by product Visual Studio Subscriptions

Search

Switch to Advanced Search (Beta)

Total 86 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-20656	1 Microsoft	4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more	2025-05-03	7.8 High
Visual Studio Elevation of Privilege Vulnerability
CVE-2014-3802	1 Microsoft	2 Debug Interface Access Software Development Kit, Visual Studio	2025-04-12	N/A
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.
CVE-2011-1976	1 Microsoft	2 Report Viewer, Visual Studio	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability."
CVE-2011-1280	1 Microsoft	4 Office Infopath, Sql Server, Sql Server Management Studio Express and 1 more	2025-04-11	N/A
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability."
CVE-2010-3190	2 Apple, Microsoft	4 Itunes, Visual C\+\+, Visual Studio and 1 more	2025-04-11	N/A
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability."
CVE-2012-0008	1 Microsoft	1 Visual Studio	2025-04-11	N/A
Untrusted search path vulnerability in Microsoft Visual Studio 2008 SP1, 2010, and 2010 SP1 allows local users to gain privileges via a Trojan horse add-in in an unspecified directory, aka "Visual Studio Add-In Vulnerability."
CVE-2022-35827	1 Microsoft	4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more	2025-01-02	8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826	1 Microsoft	4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more	2025-01-02	8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35825	1 Microsoft	4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more	2025-01-02	8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2022-21871	1 Microsoft	20 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 17 more	2025-01-02	7 High
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
CVE-2023-35390	2 Microsoft, Redhat	6 .net, Visual Studio, Visual Studio 2022 and 3 more	2025-01-01	7.8 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-33170	3 Fedoraproject, Microsoft, Redhat	7 Fedora, .net, Visual Studio and 4 more	2025-01-01	8.1 High
ASP.NET and Visual Studio Security Feature Bypass Vulnerability
CVE-2023-35391	1 Microsoft	4 .net, Asp.net Core, Visual Studio and 1 more	2025-01-01	6.2 Medium
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
CVE-2023-36897	1 Microsoft	8 365 Apps, Office, Office Long Term Servicing Channel and 5 more	2025-01-01	8.1 High
Visual Studio Tools for Office Runtime Spoofing Vulnerability
CVE-2023-33127	1 Microsoft	4 .net, Powershell, Visual Studio and 1 more	2025-01-01	8.1 High
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33135	1 Microsoft	3 .net, Visual Studio, Visual Studio 2022	2025-01-01	7.3 High
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33128	2 Microsoft, Redhat	7 .net, Powershell, Visual Studio and 4 more	2025-01-01	7.3 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-33126	1 Microsoft	4 .net, Powershell, Visual Studio and 1 more	2025-01-01	7.3 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-32032	2 Microsoft, Redhat	5 .net, Powershell, Visual Studio and 2 more	2025-01-01	6.5 Medium
.NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-32028	1 Microsoft	7 Ole Db Driver 18 For Sql Server, Ole Db Driver 19 For Sql Server, Ole Db Driver For Sql Server and 4 more	2025-01-01	7.8 High
Microsoft SQL OLE DB Remote Code Execution Vulnerability

« first previous Page 3 of 5. next last »