Filtered by vendor Microsoft
Subscriptions
Filtered by product Visual Studio
Subscriptions
Total
55 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2503 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2023-12-07 | N/A |
| GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability." | ||||
| CVE-2009-2504 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2023-12-07 | N/A |
| Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability." | ||||
| CVE-2009-2528 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2023-12-07 | N/A |
| GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability." | ||||
| CVE-2009-3126 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2023-12-07 | N/A |
| Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." | ||||
| CVE-2018-8172 | 1 Microsoft | 3 Expression Blend, Visual Studio, Visual Studio 2017 | 2022-11-21 | 7.8 High |
| A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4. | ||||
| CVE-2018-1037 | 1 Microsoft | 2 Visual Studio, Visual Studio 2017 | 2021-08-12 | N/A |
| An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio. | ||||
| CVE-2000-0162 | 1 Microsoft | 3 Ie, Internet Explorer, Visual Studio | 2021-07-22 | N/A |
| The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | ||||
| CVE-2020-1202 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-07-21 | 7.8 High |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1203. | ||||
| CVE-2020-1393 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-07-21 | 7.8 High |
| An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418. | ||||
| CVE-2020-1293 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-07-21 | 7.8 High |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1278. | ||||
| CVE-2020-1278 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-07-21 | 7.8 High |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293. | ||||
| CVE-2020-1257 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-07-21 | 7.8 High |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293. | ||||
| CVE-2020-1203 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2021-07-21 | 7.8 High |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1202. | ||||
| CVE-2021-3146 | 2 Dolby, Microsoft | 5 Audio X2, Exchange Server, Visual C\+\+ and 2 more | 2021-04-14 | 7.8 High |
| The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges. | ||||
| CVE-2010-3190 | 2 Apple, Microsoft | 4 Itunes, Visual C\+\+, Visual Studio and 1 more | 2020-11-16 | N/A |
| Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability." | ||||
| CVE-2018-8599 | 1 Microsoft | 5 Visual Studio, Visual Studio 2017, Windows 10 and 2 more | 2020-09-14 | N/A |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability." This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers. | ||||
| CVE-2019-1232 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2020-09-14 | 7.8 High |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka 'Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-0727 | 1 Microsoft | 6 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 3 more | 2020-09-14 | N/A |
| An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-1079 | 1 Microsoft | 1 Visual Studio | 2020-08-24 | N/A |
| An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files, aka 'Visual Studio Information Disclosure Vulnerability'. | ||||
| CVE-2019-0537 | 1 Microsoft | 1 Visual Studio | 2020-08-24 | N/A |
| An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio. | ||||