36 results (0.002 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

13 May 2025 — Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21264 • CWE-552: Files or Directories Accessible to External Parties •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

12 Apr 2025 — Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32726 • CWE-284: Improper Access Control •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

11 Mar 2025 — Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26631 • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

11 Feb 2025 — Visual Studio Code Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24039 • CWE-427: Uncontrolled Search Path Element •

CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0

12 Mar 2024 — Visual Studio Code Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Visual Studio Code • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26165 • CWE-256: Plaintext Storage of a Password •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

12 Sep 2023 — Visual Studio Code Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Visual Studio Code • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36742 •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

13 Jun 2023 — Visual Studio Code Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144 • CWE-23: Relative Path Traversal •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

09 May 2023 — Visual Studio Code Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29338 • CWE-285: Improper Authorization •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

11 Apr 2023 — Visual Studio Code Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24893 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

10 Jan 2023 — Visual Studio Code Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Visual Studio Code • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21779 • CWE-502: Deserialization of Untrusted Data •