Filtered by vendor Microsoft Subscriptions
Filtered by product Visual Studio Subscriptions

Search

Switch to Advanced Search (Beta)
Total 58 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-4891 1 Microsoft 1 Visual Studio 2025-04-09 N/A
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.
CVE-2009-2503 1 Microsoft 27 .net Framework, Excel Viewer, Expression Web and 24 more 2025-04-09 N/A
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
CVE-2007-0468 1 Microsoft 1 Visual Studio 2025-04-09 N/A
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.
CVE-2008-3704 1 Microsoft 4 Visual Basic, Visual Foxpro, Visual Studio and 1 more 2025-04-09 N/A
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability."
CVE-2007-4890 1 Microsoft 1 Visual Studio 2025-04-09 N/A
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.
CVE-2001-0153 1 Microsoft 2 Visual Basic, Visual Studio 2025-04-03 N/A
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
CVE-2000-0162 1 Microsoft 3 Ie, Internet Explorer, Visual Studio 2025-04-03 N/A
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2006-1043 1 Microsoft 2 Visual Interdev, Visual Studio 2025-04-03 N/A
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
CVE-2006-4494 1 Microsoft 1 Visual Studio 2025-04-03 N/A
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.
CVE-2022-35827 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-01-02 8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-01-02 8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35825 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-01-02 8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2023-33139 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-01-01 5.5 Medium
Visual Studio Information Disclosure Vulnerability
CVE-2023-24897 1 Microsoft 18 .net, .net Framework, Visual Studio and 15 more 2025-01-01 7.8 High
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2021-42277 1 Microsoft 17 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 14 more 2024-11-21 5.5 Medium
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-3146 2 Dolby, Microsoft 5 Audio X2, Exchange Server, Visual C\+\+ and 2 more 2024-11-21 7.8 High
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges.
CVE-2021-28322 1 Microsoft 13 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 10 more 2024-11-21 7.8 High
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28321 1 Microsoft 13 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 10 more 2024-11-21 7.8 High
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28313 1 Microsoft 13 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 10 more 2024-11-21 7.8 High
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-1680 1 Microsoft 15 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 12 more 2024-11-21 7.8 High
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability