Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Visual_studio_2017
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 87 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-09-11 | CVE-2020-1130 | <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p> | Visual_studio, Visual_studio_2017, Visual_studio_2019, Windows_10, Windows_server_2016, Windows_server_2019 | N/A | ||
| 2020-09-11 | CVE-2020-1133 | <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p> | Visual_studio, Visual_studio_2017, Visual_studio_2019, Windows_10, Windows_server_2016, Windows_server_2019 | N/A | ||
| 2020-10-07 | CVE-2020-26870 | Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements. | Dompurify, Debian_linux, Visual_studio_2017, Visual_studio_2019, Application_express | 6.1 | ||
| 2020-11-11 | CVE-2020-17100 | Visual Studio Tampering Vulnerability | Visual_studio_2017, Visual_studio_2019 | N/A | ||
| 2020-12-10 | CVE-2020-17156 | Visual Studio Remote Code Execution Vulnerability | Visual_studio_2017, Visual_studio_2019 | N/A | ||
| 2021-01-12 | CVE-2021-1651 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Visual_studio, Visual_studio_2017, Visual_studio_2019, Windows_10, Windows_server_2016, Windows_server_2019 | N/A | ||
| 2021-01-12 | CVE-2021-1680 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Visual_studio, Visual_studio_2017, Visual_studio_2019, Windows_10, Windows_server_2016, Windows_server_2019 | N/A | ||
| 2021-02-25 | CVE-2021-1639 | Visual Studio Code Remote Code Execution Vulnerability | Visual_studio_2017, Visual_studio_2019, Visual_studio_code | N/A | ||
| 2021-02-25 | CVE-2021-1721 | .NET Core and Visual Studio Denial of Service Vulnerability | \.net, \.net_core, Powershell_core, Visual_studio_2017, Visual_studio_2019 | N/A | ||
| 2021-04-13 | CVE-2021-27064 | Visual Studio Installer Elevation of Privilege Vulnerability | Visual_studio_2017, Visual_studio_2019 | N/A |