Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Visual_studio_2022
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 113 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-08-12 | CVE-2025-53773 | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. | Visual_studio_2022 | N/A | ||
| 2025-07-08 | CVE-2025-49739 | Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. | Visual_studio, Visual_studio_2017, Visual_studio_2019, Visual_studio_2022 | 8.8 | ||
| 2025-01-14 | CVE-2025-21171 | .NET Remote Code Execution Vulnerability | \.net, Powershell, Visual_studio_2022 | 7.5 | ||
| 2025-04-08 | CVE-2025-29802 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | Visual_studio_2022 | 7.3 | ||
| 2025-04-08 | CVE-2025-29804 | Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. | Visual_studio_2022 | 7.3 | ||
| 2025-05-13 | CVE-2025-26646 | External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. | \.net, Build_tools, Visual_studio_2022 | N/A | ||
| 2025-06-13 | CVE-2025-30399 | Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. | \.net, Powershell, Visual_studio_2022 | N/A | ||
| 2025-06-13 | CVE-2025-47959 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network. | Visual_studio_2022 | 7.1 | ||
| 2025-04-08 | CVE-2025-26682 | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | Asp\.net_core, Visual_studio_2022 | N/A | ||
| 2025-04-08 | CVE-2025-26682 | Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | Asp\.net_core, Visual_studio_2022 | N/A |