Visual Studio
by Microsoft
CVEs (157)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-2503 | 0.02 | — | 0.22 | Oct 14, 2009 | GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer… | |||
| CVE-2009-2501 | 0.02 | — | 0.27 | Oct 14, 2009 | Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel… | |||
| CVE-2009-2500 | 0.02 | — | 0.24 | Oct 14, 2009 | Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003… | |||
| CVE-2007-0468 | 0.02 | — | 0.25 | Jan 24, 2007 | Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file. | |||
| CVE-2025-53773 | 0.01 | — | 0.03 | Aug 12, 2025 | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. | |||
| CVE-2022-35827 | 0.01 | — | 0.02 | Aug 9, 2022 | Visual Studio Remote Code Execution Vulnerability | |||
| CVE-2022-35826 | 0.01 | — | 0.02 | Aug 9, 2022 | Visual Studio Remote Code Execution Vulnerability | |||
| CVE-2021-43908 | 0.01 | — | 0.03 | Dec 15, 2021 | Visual Studio Code Spoofing Vulnerability | |||
| CVE-2021-43891 | 0.01 | — | 0.12 | Dec 15, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-34529 | 0.01 | — | 0.04 | Jul 14, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-34528 | 0.01 | — | 0.03 | Jul 14, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-34479 | 0.01 | — | 0.03 | Jul 14, 2021 | Microsoft Visual Studio Spoofing Vulnerability | |||
| CVE-2021-31214 | 0.01 | — | 0.03 | May 11, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-31211 | 0.01 | — | 0.03 | May 11, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-27068 | 0.01 | — | 0.54 | May 11, 2021 | Visual Studio Remote Code Execution Vulnerability | |||
| CVE-2021-28475 | 0.01 | — | 0.03 | Apr 13, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-28473 | 0.01 | — | 0.03 | Apr 13, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-28471 | 0.01 | — | 0.04 | Apr 13, 2021 | Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-28469 | 0.01 | — | 0.03 | Apr 13, 2021 | Visual Studio Code Remote Code Execution Vulnerability | |||
| CVE-2021-28457 | 0.01 | — | 0.03 | Apr 13, 2021 | Visual Studio Code Remote Code Execution Vulnerability |
- CVE-2009-2503Oct 14, 2009risk 0.02cvss —epss 0.22
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer…
- CVE-2009-2501Oct 14, 2009risk 0.02cvss —epss 0.27
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel…
- CVE-2009-2500Oct 14, 2009risk 0.02cvss —epss 0.24
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003…
- CVE-2007-0468Jan 24, 2007risk 0.02cvss —epss 0.25
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.
- CVE-2025-53773Aug 12, 2025risk 0.01cvss —epss 0.03
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
- CVE-2022-35827Aug 9, 2022risk 0.01cvss —epss 0.02
Visual Studio Remote Code Execution Vulnerability
- CVE-2022-35826Aug 9, 2022risk 0.01cvss —epss 0.02
Visual Studio Remote Code Execution Vulnerability
- CVE-2021-43908Dec 15, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Spoofing Vulnerability
- CVE-2021-43891Dec 15, 2021risk 0.01cvss —epss 0.12
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-34529Jul 14, 2021risk 0.01cvss —epss 0.04
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-34528Jul 14, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-34479Jul 14, 2021risk 0.01cvss —epss 0.03
Microsoft Visual Studio Spoofing Vulnerability
- CVE-2021-31214May 11, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-31211May 11, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-27068May 11, 2021risk 0.01cvss —epss 0.54
Visual Studio Remote Code Execution Vulnerability
- CVE-2021-28475Apr 13, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-28473Apr 13, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-28471Apr 13, 2021risk 0.01cvss —epss 0.04
Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-28469Apr 13, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
- CVE-2021-28457Apr 13, 2021risk 0.01cvss —epss 0.03
Visual Studio Code Remote Code Execution Vulnerability
Page 3 of 8