Msrc Microsoft Visual Studio 2017 Version 15.9 vulnerabilities

124 known vulnerabilities affecting msrc/microsoft_visual_studio_2017_version_15.9.

Total CVEs
124
CISA KEV
2
actively exploited
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL9HIGH95MEDIUM19LOW1

Vulnerabilities

Page 7 of 7
CVE-2019-0657HIGHCVSS 5.92019-02-12
CVE-2019-0657 [MEDIUM] .NET Framework and Visual Studio Spoofing Vulnerability .NET Framework and Visual Studio Spoofing Vulnerability Description: A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's. An attacker who successfully exploited this vulnerability could use it to bypass security logic intended to ensure that a user-provided URL belonged to a specific hostname or a subdomain of that hostname. This could be used to cause privileged commu
msrc
CVE-2019-0613HIGHCVSS 8.82019-02-12
CVE-2019-0613 [HIGH] .NET Framework and Visual Studio Remote Code Execution Vulnerability .NET Framework and Visual Studio Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user
msrc
CVE-2019-0546MEDIUMCVSS 7.82019-01-08
CVE-2019-0546 [HIGH] Visual Studio Remote Code Execution Vulnerability Visual Studio Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in Visual Studio when the C++ compiler improperly handles specific combinations of C++ constructs. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the
msrc
CVE-2018-8599HIGHCVSS 7.02018-12-11
CVE-2018-8599 [HIGH] Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. An attacker with unprivileged access to a vulnerable system could e
msrc
← Previous7 / 7