Vulnerabilities > Microsoft > Visual Studio 2017 > 15.8.4

DATE CVE VULNERABILITY TITLE RISK
2021-04-13 CVE-2021-28313 Improper Privilege Management vulnerability in Microsoft products
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2021-02-25 CVE-2021-1721 Unspecified vulnerability in Microsoft products
.NET Core and Visual Studio Denial of Service Vulnerability
network
low complexity
microsoft
6.5
6.5
2021-02-25 CVE-2021-1639 Unspecified vulnerability in Microsoft Visual Studio 2017 and Visual Studio Code
Visual Studio Code Remote Code Execution Vulnerability
local
high complexity
microsoft
7.0
7.0
2021-01-12 CVE-2021-1651 Improper Privilege Management vulnerability in Microsoft products
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-269
7.8
7.8
2020-12-10 CVE-2020-17156 Unspecified vulnerability in Microsoft Visual Studio 2017
Visual Studio Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
7.8
2020-09-11 CVE-2020-1133 Unspecified vulnerability in Microsoft products
<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations.
local
low complexity
microsoft
5.5
5.5
2020-09-11 CVE-2020-1130 Unspecified vulnerability in Microsoft products
<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations.
local
low complexity
microsoft
6.6
6.6
2020-07-14 CVE-2020-1416 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.
network
low complexity
microsoft CWE-269
8.8
8.8
2020-07-14 CVE-2020-1393 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
4.6
2020-07-14 CVE-2020-1147 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
network
microsoft
6.8
6.8