NotCVE - vendor:"Microsoft" product:"Visual Studio 2022" version:"17.0"

38 results (0.005 seconds)

CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17

CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability

https://notcve.org/view.php?id=CVE-2023-44487

10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-33170 – ASP.NET and Visual Studio Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2023-33170

11 Jul 2023 — ASP.NET and Visual Studio Security Feature Bypass Vulnerability A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on confidentiality, integrity, and availability. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and... • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.1EPSS: 2%CPEs: 7EXPL: 0

CVE-2023-33127 – .NET and Visual Studio Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2023-33127

11 Jul 2023 — .NET and Visual Studio Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127 • CWE-1220: Insufficient Granularity of Access Control •

CVSS: 7.8EPSS: 1%CPEs: 86EXPL: 0

CVE-2023-24895 – .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-24895

14 Jun 2023 — .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895 •

CVSS: 7.8EPSS: 1%CPEs: 81EXPL: 0

CVE-2023-24897 – .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-24897

14 Jun 2023 — .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.3EPSS: 1%CPEs: 6EXPL: 0

CVE-2023-33135 – .NET and Visual Studio Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2023-33135

13 Jun 2023 — .NET and Visual Studio Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135 •

CVSS: 7.3EPSS: 1%CPEs: 6EXPL: 0

CVE-2023-33128 – .NET and Visual Studio Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-33128

13 Jun 2023 — .NET and Visual Studio Remote Code Execution Vulnerability A vulnerability was found in dotnet. This issue may allow remote code execution via source generators that can lead to a crash due to unmanaged heap corruption. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18.... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128 • CWE-416: Use After Free •

CVSS: 7.3EPSS: 1%CPEs: 6EXPL: 0

CVE-2023-33126 – .NET and Visual Studio Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-33126

13 Jun 2023 — .NET and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126 •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-32032 – .NET and Visual Studio Elevation of Privilege Vulnerability

https://notcve.org/view.php?id=CVE-2023-32032

13 Jun 2023 — .NET and Visual Studio Elevation of Privilege Vulnerability A vulnerability was found in dotnet. This issue can cause an elevation of privilege when the TarFile.ExtractToDirectory ignores the extraction directory argument. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 4%CPEs: 10EXPL: 0

CVE-2023-33139 – Visual Studio Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2023-33139

13 Jun 2023 — Visual Studio Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139 • CWE-125: Out-of-bounds Read •

1 2 3 4