MSRC Microsoft Visual Studio 2017 Version 15.9 vulnerabilities
124 known vulnerabilities affecting msrc/microsoft_visual_studio_2017_version_15.9.
Total CVEs: 124
CISA KEV: 2 (actively exploited)
Public exploits: 2
Exploited in wild: 1
Severity breakdown: CRITICAL 9, HIGH 95, MEDIUM 19, LOW 1
Vulnerabilities
Page 4 of 7
CVE-2022-24513 | HIGH | CVSS 7.8 | 2022-04-12
CVE-2022-24513 [HIGH] Visual Studio Elevation of Privilege Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://docs.microsoft.co
msrc
CVE-2022-24765 | HIGH | CVSS 6.0 | 2022-04-12
CVE-2022-24765 [MEDIUM] GitHub: Uncontrolled search for the Git directory in Git for Windows
FAQ: Why is this GitHub CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Git for Windows software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Upda
msrc
CVE-2022-24767 | HIGH | CVSS 7.8 | 2022-04-12
CVE-2022-24767 [HIGH] GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account
FAQ: Why is this GitHub CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Git for Windows software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds
msrc
CVE-2022-21871 | HIGH | CVSS 7.0 | 2022-01-11
CVE-2022-21871 [HIGH] Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
Windows Diagnostic Hub: Windows Diagnostic Hub
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Reference: http
msrc
CVE-2021-3711 | CRITICAL | CVSS 9.8 | 2021-11-09
CVE-2021-3711 [CRITICAL] OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow
FAQ: Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Support
msrc
CVE-2021-42277 | MEDIUM | CVSS 5.5 | 2021-11-09
CVE-2021-42277 [MEDIUM] Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.
Windows Diagnostic Hub: Windows Diagnostic Hub
Microsoft: Microsoft
Customer Action Required: Yes
msrc
CVE-2021-42319 | MEDIUM | CVSS 4.7 | 2021-11-09
CVE-2021-42319 [MEDIUM] Visual Studio Elevation of Privilege Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://docs.microsoft.
msrc
CVE-2020-1971 | HIGH | CVSS 5.9 | 2021-10-12
CVE-2020-1971 [MEDIUM] OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference
FAQ: Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update
msrc
CVE-2021-3450 | HIGH | CVSS 7.4 | 2021-10-12
CVE-2021-3450 [HIGH] OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT
FAQ: Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vuln
msrc
CVE-2021-3449 | HIGH | CVSS 5.9 | 2021-10-12
CVE-2021-3449 [MEDIUM] OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing
FAQ: Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerab
msrc
CVE-2021-26434 | HIGH | CVSS 7.8 | 2021-09-14
CVE-2021-26434 [HIGH] Visual Studio Elevation of Privilege Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://my.visualstudio.com/Downloads?q=Visual S
msrc
CVE-2021-36952 | HIGH | CVSS 7.8 | 2021-09-14
CVE-2021-36952 [HIGH] Visual Studio Remote Code Execution Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://my.visualstudio.com/Downloads?q=Visual Stud
msrc
CVE-2021-26423 | HIGH | CVSS 7.5 | 2021-08-10
CVE-2021-26423 [HIGH] .NET Core and Visual Studio Denial of Service Vulnerability
.NET Core & Visual Studio: .NET Core & Visual Studio
Microsoft: Microsoft
Impact: Denial of Service
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://my.
msrc
CVE-2021-34485 | MEDIUM | CVSS 5.0 | 2021-08-10
CVE-2021-34485 [MEDIUM] .NET Core and Visual Studio Information Disclosure Vulnerability
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of a specific dump file. The attacker needs to have local access to the target system and the dump file needs to be created in a specific way by a targe
msrc
CVE-2021-28313 | HIGH | CVSS 7.8 | 2021-04-13
CVE-2021-28313 [HIGH] Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Windows Diagnostic Hub: Windows Diagnostic Hub
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Se
msrc
CVE-2021-28322 | HIGH | CVSS 7.8 | 2021-04-13
CVE-2021-28322 [HIGH] Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Windows Diagnostic Hub: Windows Diagnostic Hub
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Se
msrc
CVE-2021-28321 | HIGH | CVSS 7.8 | 2021-04-13
CVE-2021-28321 [HIGH] Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Windows Diagnostic Hub: Windows Diagnostic Hub
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Se
msrc
CVE-2021-27064 | HIGH | CVSS 7.8 | 2021-04-13
CVE-2021-27064 [HIGH] Visual Studio Installer Elevation of Privilege Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: http://aka.ms/vs/15/release/latest
Reference: https://my.visualstudio.com/
msrc
CVE-2021-21300 | HIGH | CVSS 8.8 | PoC | 2021-03-09
CVE-2021-21300 [HIGH] Git for Visual Studio Remote Code Execution Vulnerability
Visual Studio: Visual Studio
GitHub (maintainer security advisories): GitHub (maintainer security advisories)
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: http://aka.ms/vs/15/re
msrc
CVE-2021-1639 | HIGH | CVSS 7.0 | 2021-02-09
CVE-2021-1639 [HIGH] Visual Studio Code Remote Code Execution Vulnerability
Visual Studio: Visual Studio
Microsoft: Microsoft
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Remediation: Release Notes
Reference: http://aka.ms/vs/16/release/latest
Reference: https://code.visualstudio.com/Download
Re
msrc