CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24998 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24998
11 Mar 2025 — Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24998 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21206 – Visual Studio Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-21206
11 Feb 2025 — Visual Studio Installer Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21206 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.6EPSS: 0%CPEs: 9EXPL: 0CVE-2025-21172 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21172
14 Jan 2025 — .NET and Visual Studio Remote Code Execution Vulnerability A remote code execution vulnerability was found in .NET. This flaw allows an attacker to load a specially crafted file in .NET. It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. It was discovered that .NET did not properly handle an integer overflow when processing certain specially crafted files. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21172 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21178 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21178
14 Jan 2025 — Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21178 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2025-21176 – .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-21176
14 Jan 2025 — .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability A remote code execution vulnerability was found in .NET. This flaw allows an attacker to load a specially crafted file in .NET. It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. It was discovered that .NET did not properly handle an integer overflow when processing certain specially crafted files. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21176 • CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-43603 – Visual Studio Collector Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-43603
08 Oct 2024 — Visual Studio Collector Service Denial of Service Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43603 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-43590 – Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-43590
08 Oct 2024 — Visual C++ Redistributable Installer Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43590 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 10%CPEs: 13EXPL: 0CVE-2024-35272 – SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-35272
09 Jul 2024 — SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.7EPSS: 1%CPEs: 6EXPL: 1CVE-2024-30052 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30052
11 Jun 2024 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Visual Studio • https://github.com/ynwarcs/CVE-2024-30052 • CWE-693: Protection Mechanism Failure •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-29060 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-29060
11 Jun 2024 — Visual Studio Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060 • CWE-284: Improper Access Control •