Microsoft Visual Studio 2022 vulnerabilities

91 known vulnerabilities affecting microsoft/visual_studio_2022.

Total CVEs

91

CISA KEV

2

actively exploited

Public exploits

2

Exploited in wild

2

Severity breakdown

CRITICAL5HIGH67MEDIUM19

Vulnerabilities

Page 5 of 5

CVE-2022-38013HIGHCVSS 7.5v17.0v17.2+1 more2022-09-13

CVE-2022-38013 [HIGH] CVE-2022-38013: .NET Core and Visual Studio Denial of Service Vulnerability .NET Core and Visual Studio Denial of Service Vulnerability

CVE-2022-30184MEDIUMCVSS 5.5≥ 17.0, < 17.0.4≥ 17.0, < 17.0.11+1 more2022-06-15

CVE-2022-30184 [MEDIUM] CWE-200 CVE-2022-30184: .NET and Visual Studio Information Disclosure Vulnerability .NET and Visual Studio Information Disclosure Vulnerability

CVE-2022-29145HIGHCVSS 7.5≥ 17.0, < 17.1.72022-05-10

CVE-2022-29145 [HIGH] CVE-2022-29145: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

CVE-2022-23267HIGHCVSS 7.5v17.0v17.12022-05-10

CVE-2022-23267 [HIGH] CVE-2022-23267: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

CVE-2022-29117HIGHCVSS 7.5v17.0v17.12022-05-10

CVE-2022-29117 [HIGH] CVE-2022-29117: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

CVE-2022-24513HIGHCVSS 7.8v17.0v17.12022-04-15

CVE-2022-24513 [HIGH] CVE-2022-24513: Visual Studio Elevation of Privilege Vulnerability Visual Studio Elevation of Privilege Vulnerability

CVE-2022-24767HIGHCVSS 7.8≥ 17.0, < 17.0.8≥ 17.1.0, < 17.1.42022-04-12

CVE-2022-24767 [HIGH] CWE-427 CVE-2022-24767: GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user acco GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.

CVE-2022-24464HIGHCVSS 7.5≥ 17.0, < 17.0.72022-03-09

CVE-2022-24464 [HIGH] CVE-2022-24464: .NET and Visual Studio Denial of Service Vulnerability .NET and Visual Studio Denial of Service Vulnerability

CVE-2022-24512MEDIUMCVSS 6.3≥ 17.0, < 17.0.72022-03-09

CVE-2022-24512 [MEDIUM] CVE-2022-24512: .NET and Visual Studio Remote Code Execution Vulnerability .NET and Visual Studio Remote Code Execution Vulnerability

CVE-2021-43877HIGHCVSS 7.8v17.02021-12-15

CVE-2021-43877 [HIGH] CVE-2021-43877: ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

CVE-2020-8927MEDIUMCVSS 6.5≥ 17.0, ≤ 17.0.7v17.12020-09-15

CVE-2020-8927 [MEDIUM] CWE-130 CVE-2020-8927: A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recomm

← Previous5 / 5