Total
100
Critical
3
High
77
Medium
20
CISA KEV
2
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network.
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network.
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
Visual Studio Installer Elevation of Privilege Vulnerability
Visual Studio Elevation of Privilege Vulnerability
Visual Studio Remote Code Execution Vulnerability
.NET Elevation of Privilege Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
.NET Remote Code Execution Vulnerability
Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
Visual Studio Collector Service Denial of Service Vulnerability
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Information Disclosure Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Elevation of Privilege Vulnerability
Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Microsoft QUIC Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
.NET Denial of Service Vulnerability
.NET Denial of Service Vulnerability
Microsoft Identity Denial of service vulnerability
Visual Studio Elevation of Privilege Vulnerability
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
ASP.NET Core Security Feature Bypass Vulnerability
ASP.NET Core Denial of Service Vulnerability
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
Visual Studio Denial of Service Vulnerability
Microsoft QUIC Denial of Service Vulnerability
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
.NET Core and Visual Studio Denial of Service Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Elevation of Privilege Vulnerability
Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
Visual Studio Tools for Office Runtime Spoofing Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
ASP.NET and Visual Studio Security Feature Bypass Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Visual Studio Information Disclosure Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Elevation of Privilege Vulnerability
Visual Studio Spoofing Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Information Disclosure Vulnerability
Visual Studio Elevation of Privilege Vulnerability
.NET DLL Hijacking Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
