本頁列出影響 microsoft visual_studio 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-49739 | Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. | [email protected] | 8.8 | 0.91% | 2025-07-08 | 2025-07-16 |
| CVE-2024-43603 | Visual Studio Collector Service Denial of Service Vulnerability | [email protected] | 5.5 | 0.10% | 2024-10-08 | 2024-10-17 |
| CVE-2024-20656 | Visual Studio Elevation of Privilege Vulnerability | [email protected] | 7.8 | 54.33% | 2024-01-09 | 2024-11-21 |
| CVE-2023-24897 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | [email protected] | 7.8 | 1.79% | 2023-06-14 | 2024-11-21 |
| CVE-2023-33139 | Visual Studio Information Disclosure Vulnerability | [email protected] | 5.5 | 1.27% | 2023-06-14 | 2024-11-21 |
| CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 7.80% | 2022-08-09 | 2024-11-21 |
| CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 7.80% | 2022-08-09 | 2024-11-21 |
| CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 3.26% | 2022-08-09 | 2024-11-21 |
| CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | [email protected] | 8.8 | 0.68% | 2022-08-09 | 2025-05-29 |
| CVE-2021-42277 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | [email protected] | 5.5 | 0.26% | 2021-11-10 | 2024-11-21 |
| CVE-2021-28322 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.53% | 2021-04-13 | 2024-11-21 |
| CVE-2021-28321 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.85% | 2021-04-13 | 2024-11-21 |
| CVE-2021-28313 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.40% | 2021-04-13 | 2024-11-21 |
| CVE-2021-1680 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.26% | 2021-01-12 | 2024-11-21 |
| CVE-2021-1651 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.31% | 2021-01-12 | 2024-11-21 |
| CVE-2020-1133 | <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p> | [email protected] | 5.5 | 0.41% | 2020-09-11 | 2026-02-23 |
| CVE-2020-1130 | <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p> | [email protected] | 6.6 | 0.50% | 2020-09-11 | 2026-02-23 |
| CVE-2020-16874 | <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configur | [email protected] | 7.8 | 12.24% | 2020-09-11 | 2026-02-23 |
| CVE-2020-16856 | <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configur | [email protected] | 7.8 | 12.15% | 2020-09-11 | 2026-02-23 |
| CVE-2020-1393 | An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418. | [email protected] | 7.8 | 0.29% | 2020-07-14 | 2024-11-21 |