Total
79 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-24767 | 2 Git For Windows Project, Microsoft | 4 Git For Windows, Visual Studio 2017, Visual Studio 2019 and 1 more | 2024-02-04 | 6.9 MEDIUM | 7.8 HIGH |
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account. | |||||
CVE-2021-42319 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-02-04 | 2.1 LOW | 4.7 MEDIUM |
Visual Studio Elevation of Privilege Vulnerability | |||||
CVE-2021-42277 | 1 Microsoft | 8 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 5 more | 2024-02-04 | 4.6 MEDIUM | 5.5 MEDIUM |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | |||||
CVE-2022-21871 | 1 Microsoft | 13 Visual Studio 2017, Visual Studio 2019, Windows 10 1507 and 10 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability | |||||
CVE-2021-36952 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Visual Studio Remote Code Execution Vulnerability | |||||
CVE-2021-26434 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Visual Studio Elevation of Privilege Vulnerability | |||||
CVE-2021-27064 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Visual Studio Installer Elevation of Privilege Vulnerability | |||||
CVE-2021-26423 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
.NET Core and Visual Studio Denial of Service Vulnerability | |||||
CVE-2021-34485 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2024-02-04 | 2.1 LOW | 5.0 MEDIUM |
.NET Core and Visual Studio Information Disclosure Vulnerability | |||||
CVE-2021-28313 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | |||||
CVE-2021-28322 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | |||||
CVE-2021-28321 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | |||||
CVE-2021-1651 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | |||||
CVE-2021-1639 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio Code | 2024-02-04 | 6.8 MEDIUM | 7.0 HIGH |
Visual Studio Code Remote Code Execution Vulnerability | |||||
CVE-2021-1721 | 1 Microsoft | 5 .net, .net Core, Powershell Core and 2 more | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
.NET Core and Visual Studio Denial of Service Vulnerability | |||||
CVE-2020-26870 | 4 Cure53, Debian, Microsoft and 1 more | 5 Dompurify, Debian Linux, Visual Studio 2017 and 2 more | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements. | |||||
CVE-2020-17100 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Visual Studio Tampering Vulnerability | |||||
CVE-2021-1680 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | |||||
CVE-2020-17156 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
Visual Studio Remote Code Execution Vulnerability | |||||
CVE-2020-1393 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418. |