VYPR

Visual Studio

by Microsoft

CVEs (157)

  • CVE-2008-3704Aug 18, 2008
    risk 0.07cvss epss 0.56

    Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows…

  • CVE-2006-4704Nov 1, 2006
    risk 0.06cvss epss 0.43

    Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous…

  • CVE-2011-1976Aug 10, 2011
    risk 0.05cvss epss 0.21

    Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability."

  • CVE-2007-4891Sep 14, 2007
    risk 0.05cvss epss 0.31

    A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary…

  • CVE-2006-4494Aug 31, 2006
    risk 0.05cvss epss 0.22

    Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3)…

  • CVE-2006-1043Mar 7, 2006
    risk 0.05cvss epss 0.22

    Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).

  • CVE-2006-0187Jan 12, 2006
    risk 0.05cvss epss 0.19

    By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file.

  • CVE-2024-20656Jan 9, 2024
    risk 0.04cvss epss 0.04

    Visual Studio Elevation of Privilege Vulnerability

  • CVE-2007-4890Sep 14, 2007
    risk 0.04cvss epss 0.16

    Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. …

  • CVE-2007-4254Aug 8, 2007
    risk 0.04cvss epss 0.12

    Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap…

  • CVE-2022-30129May 10, 2022
    risk 0.03cvss epss 0.42

    Visual Studio Code Remote Code Execution Vulnerability

  • CVE-2020-1192May 21, 2020
    risk 0.03cvss epss 0.12

    A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171.

  • CVE-2020-1171May 21, 2020
    risk 0.03cvss epss 0.14

    A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192.

  • CVE-2019-1113Jul 29, 2019
    risk 0.03cvss epss 0.10

    A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code…

  • CVE-2019-1079Jul 15, 2019
    risk 0.02cvss epss 0.06

    An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files, aka 'Visual Studio Information Disclosure Vulnerability'.

  • CVE-2019-0546Jan 8, 2019
    risk 0.02cvss epss 0.16

    A remote code execution vulnerability exists in Visual Studio when the C++ compiler improperly handles specific combinations of C++ constructs, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio.

  • CVE-2019-0537Jan 8, 2019
    risk 0.02cvss epss 0.08

    An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

  • CVE-2009-3126Oct 14, 2009
    risk 0.02cvss epss 0.23

    Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003…

  • CVE-2009-2528Oct 14, 2009
    risk 0.02cvss epss 0.20

    GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

  • CVE-2009-2504Oct 14, 2009
    risk 0.02cvss epss 0.21

    Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and…

Page 2 of 8