Visual Studio C++ Redistributable Installer
by Microsoft
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0599 | Hig | 0.51 | 7.8 | 0.05 | Jun 26, 2018 | Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2018-0597 | Hig | 0.51 | 7.8 | 0.05 | Jun 26, 2018 | Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2018-0596 | Hig | 0.51 | 7.8 | 0.05 | Jun 26, 2018 | Untrusted search path vulnerability in the installer of Visual Studio Community allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2019-0809 | 0.01 | — | 0.11 | Apr 9, 2019 | A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'. | |||
| CVE-2024-43590 | 0.00 | — | 0.00 | Oct 8, 2024 | Visual C++ Redistributable Installer Elevation of Privilege Vulnerability | |||
| CVE-2021-27064 | 0.00 | — | 0.01 | Apr 13, 2021 | Visual Studio Installer Elevation of Privilege Vulnerability |
- risk 0.51cvss 7.8epss 0.05
Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.51cvss 7.8epss 0.05
Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.51cvss 7.8epss 0.05
Untrusted search path vulnerability in the installer of Visual Studio Community allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- CVE-2019-0809Apr 9, 2019risk 0.01cvss —epss 0.11
A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'.
- CVE-2024-43590Oct 8, 2024risk 0.00cvss —epss 0.00
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
- CVE-2021-27064Apr 13, 2021risk 0.00cvss —epss 0.01
Visual Studio Installer Elevation of Privilege Vulnerability