U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:microsoft:visual_studio_2017:15.0:26228.13:*:*:*:*:*:*
  • CPE Name Search: true
There are 58 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2022-24767

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.

Published: April 12, 2022; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 6.9 MEDIUM
CVE-2022-21871

Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability

Published: January 11, 2022; 4:15:10 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-42319

Visual Studio Elevation of Privilege Vulnerability

Published: November 09, 2021; 8:19:49 PM -0500 		V4.0:(not available)
 V3.1: 4.7 MEDIUM
V2.0: 2.1 LOW
CVE-2021-42277

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Published: November 09, 2021; 8:19:44 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2021-36952

Visual Studio Remote Code Execution Vulnerability

Published: September 15, 2021; 8:15:13 AM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2021-26434

Visual Studio Elevation of Privilege Vulnerability

Published: September 15, 2021; 8:15:09 AM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

Published: August 12, 2021; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 5.0 MEDIUM
V2.0: 2.1 LOW
CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

Published: August 12, 2021; 2:15:08 PM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-28322

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

Published: April 13, 2021; 4:15:17 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-28321

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

Published: April 13, 2021; 4:15:16 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-28313

Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability

Published: April 13, 2021; 4:15:16 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-27064

Visual Studio Installer Elevation of Privilege Vulnerability

Published: April 13, 2021; 4:15:15 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

Published: February 25, 2021; 6:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-1639

Visual Studio Code Remote Code Execution Vulnerability

Published: February 25, 2021; 6:15:13 PM -0500 		V4.0:(not available)
 V3.1: 7.0 HIGH
V2.0: 6.8 MEDIUM
CVE-2021-1680

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Published: January 12, 2021; 3:15:32 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-1651

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Published: January 12, 2021; 3:15:30 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-17156

Visual Studio Remote Code Execution Vulnerability

Published: December 09, 2020; 7:15:16 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-17100

Visual Studio Tampering Vulnerability

Published: November 11, 2020; 2:15:19 AM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2020-1133

<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p>

Published: September 11, 2020; 1:15:19 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2020-1130

<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p>

Published: September 11, 2020; 1:15:19 PM -0400 		V4.0:(not available)
 V3.1: 6.6 MEDIUM
V2.0: 4.6 MEDIUM