本页列出影响 microsoft visual_studio 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-49739 | Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. | [email protected] | 8.8 | 0.77% | 2025-07-08 | 2026-06-17 |
| CVE-2024-43603 | Visual Studio Collector Service Denial of Service Vulnerability | [email protected] | 5.5 | 0.76% | 2024-10-08 | 2026-06-17 |
| CVE-2024-20656 | Visual Studio Elevation of Privilege Vulnerability | [email protected] | 7.8 | 3.91% | 2024-01-09 | 2026-06-17 |
| CVE-2023-24897 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | [email protected] | 7.8 | 1.18% | 2023-06-14 | 2026-06-17 |
| CVE-2023-33139 | Visual Studio Information Disclosure Vulnerability | [email protected] | 5.5 | 0.82% | 2023-06-13 | 2026-06-17 |
| CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 1.78% | 2022-08-09 | 2026-06-17 |
| CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 1.78% | 2022-08-09 | 2026-06-17 |
| CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 1.78% | 2022-08-09 | 2026-06-17 |
| CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 1.68% | 2022-08-09 | 2026-06-17 |
| CVE-2021-42277 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | [email protected] | 5.5 | 0.80% | 2021-11-09 | 2026-06-17 |
| CVE-2021-28322 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | [email protected] | 7.8 | 1.04% | 2021-04-13 | 2026-06-16 |
| CVE-2021-28321 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | [email protected] | 7.8 | 1.28% | 2021-04-13 | 2026-06-16 |
| CVE-2021-28313 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | [email protected] | 7.8 | 1.04% | 2021-04-13 | 2026-06-16 |
| CVE-2021-1680 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.71% | 2021-01-12 | 2026-06-16 |
| CVE-2021-1651 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.81% | 2021-01-12 | 2026-06-16 |
| CVE-2020-1133 | <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p> | [email protected] | 5.5 | 0.98% | 2020-09-11 | 2026-06-16 |
| CVE-2020-1130 | <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p> | [email protected] | 6.6 | 0.78% | 2020-09-11 | 2026-06-16 |
| CVE-2020-16874 | <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configur | [email protected] | 7.8 | 4.29% | 2020-09-11 | 2026-06-16 |
| CVE-2020-16856 | <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configur | [email protected] | 7.8 | 4.37% | 2020-09-11 | 2026-06-16 |
| CVE-2020-1393 | An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418. | [email protected] | 7.8 | 0.92% | 2020-07-14 | 2026-06-16 |