Microsoft Visual Studio 2022 vulnerabilities

91 known vulnerabilities affecting microsoft/visual_studio_2022.

Total CVEs

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL5HIGH67MEDIUM19

Vulnerabilities

Page 3 of 5

CVE-2024-28929HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28929 [HIGH] CWE-190 CVE-2024-28929: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28934HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28934 [HIGH] CWE-121 CVE-2024-28934: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28933HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28933 [HIGH] CWE-191 CVE-2024-28933: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28938HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28938 [HIGH] CWE-125 CVE-2024-28938: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-21409HIGHCVSS 7.3≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-21409 [HIGH] CWE-416 CVE-2024-21409: .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

nvd

CVE-2024-28932HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28932 [HIGH] CWE-122 CVE-2024-28932: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28935HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28935 [HIGH] CWE-122 CVE-2024-28935: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28931HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28931 [HIGH] CWE-190 CVE-2024-28931: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28930HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28930 [HIGH] CWE-191 CVE-2024-28930: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-28936HIGHCVSS 8.8≥ 17.4.0, < 17.4.18≥ 17.6.0, < 17.6.14+2 more2024-04-09

CVE-2024-28936 [HIGH] CWE-190 CVE-2024-28936: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2024-21392HIGHCVSS 7.5≥ 17.4, < 17.4.17≥ 17.6, < 17.6.13+2 more2024-03-12

CVE-2024-21392 [HIGH] CWE-400 CVE-2024-21392: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

nvd

CVE-2024-0057CRITICALCVSS 9.8≥ 17.2, < 17.2.23≥ 17.4, < 17.4.15+2 more2024-01-09

CVE-2024-0057 [CRITICAL] CWE-20 CVE-2024-0057: NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

nvd

CVE-2024-20656HIGHCVSS 7.8≥ 17.2, < 17.2.23≥ 17.4, < 17.4.15+1 more2024-01-09

CVE-2024-20656 [HIGH] CWE-59 CVE-2024-20656: Visual Studio Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2024-0056HIGHCVSS 8.7≥ 17.2, < 17.2.23≥ 17.4, < 17.4.15+2 more2024-01-09

CVE-2024-0056 [HIGH] CWE-319 CVE-2024-0056: Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnera Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

nvd

CVE-2024-21319MEDIUMCVSS 6.8≥ 17.2.0, < 17.2.23≥ 17.4.0, < 17.4.15+2 more2024-01-09

CVE-2024-21319 [MEDIUM] CWE-20 CVE-2024-21319: Microsoft Identity Denial of service vulnerability Microsoft Identity Denial of service vulnerability

nvd

CVE-2023-36049CRITICALCVSS 9.8≥ 17.2, < 17.2.22≥ 17.4, < 17.4.14+2 more2023-11-14

CVE-2023-36049 [HIGH] CWE-20 CVE-2023-36049: .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-36558MEDIUMCVSS 5.5≥ 17.2, < 17.2.22≥ 17.4, < 17.4.14+2 more2023-11-14

CVE-2023-36558 [MEDIUM] CVE-2023-36558: ASP.NET Core Security Feature Bypass Vulnerability ASP.NET Core Security Feature Bypass Vulnerability

nvd

CVE-2023-44487HIGHCVSS 7.5KEVPoC≥ 17.0, < 17.2.20≥ 17.4, < 17.4.12+2 more2023-10-10

CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

nvd

CVE-2023-36758CRITICALCVSS 9.8≥ 17.7, ≤ 17.7.42023-09-12

CVE-2023-36758 [HIGH] CWE-59 CVE-2023-36758: Visual Studio Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability

nvd

CVE-2023-36799MEDIUMCVSS 6.5≥ 17.2, < 17.2.19≥ 17.4, < 17.4.11+2 more2023-09-12

CVE-2023-36799 [MEDIUM] CWE-400 CVE-2023-36799: .NET Core and Visual Studio Denial of Service Vulnerability .NET Core and Visual Studio Denial of Service Vulnerability

nvd

← Previous3 / 5Next →