The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Visual Studio

Microsoft Visual Studio: vulnerabilities of February 2019
An attacker can use several vulnerabilities of Microsoft products...
CERTFR-2019-AVI-064, CVE-2019-0613, CVE-2019-0657, VIGILANCE-VUL-28512
Microsoft Visual Studio: vulnerabilities of January 2019
An attacker can use several vulnerabilities of Microsoft products...
CVE-2019-0537, CVE-2019-0546, VIGILANCE-VUL-28191, ZDI-19-014, ZDI-19-015, ZDI-19-016
Microsoft Visual Studio: vulnerabilities of July 2018
An attacker can use several vulnerabilities of Microsoft products...
CVE-2018-8172, CVE-2018-8232, VIGILANCE-VUL-28011
Microsoft Visual Studio: privilege escalation via Diagnostics Hub Standard Collector Service
An attacker can bypass restrictions via Diagnostics Hub Standard Collector Service of Microsoft Visual Studio, in order to escalate his privileges...
CERTFR-2018-AVI-598, CVE-2018-8599, VIGILANCE-VUL-28008
Microsoft Visual Studio: privilege escalation
An attacker can bypass restrictions of Microsoft Visual Studio, in order to escalate his privileges...
CERTFR-2018-AVI-399, CVE-2018-0952, VIGILANCE-VUL-26989
Microsoft Visual Studio: information disclosure
An attacker can bypass access restrictions to data of Microsoft Visual Studio, in order to obtain sensitive information...
CERTFR-2018-AVI-181, CVE-2018-1037, VIGILANCE-VUL-25833
Microsoft: executing DLL code
An attacker can create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code...
VIGILANCE-VUL-23108
Visual Studio: Cross Site Request Forgery via ASP.NET MVC5/6
An attacker can trigger a Cross Site Request Forgery in ASP.NET MVC5/6 of Visual Studio, in order to force the victim to perform operations...
3137909, VIGILANCE-VUL-18913
Microsoft DIA SDK: memory corruption via msdia.dll
An attacker can invite the victim to open a malicious PDB file, to generate a memory corruption in msdia.dll of Microsoft DIA SDK, in order to trigger a denial of service, and possibly to execute code...
CVE-2014-3802, VIGILANCE-VUL-14778, ZDI-14-129
ASP.NET SignalR: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of ASP.NET SignalR, in order to execute JavaScript code in the context of the web site...
2905244, BID-64093, CERTA-2013-AVI-669, CVE-2013-5042, MS13-103, VIGILANCE-VUL-13933
Our database contains other pages. You can request a free trial to read them.

Display information about Visual Studio: