Vulnerabilities > Microsoft > Visual Studio 2017 > 15.9.3

DATE CVE VULNERABILITY TITLE RISK
2020-07-14 CVE-2020-1416 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.
network
low complexity
microsoft CWE-269
8.8
8.8
2020-07-14 CVE-2020-1393 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
4.6
4.6
2020-01-24 CVE-2019-1354 Improper Input Validation vulnerability in Microsoft Visual Studio 2017
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
8.8
8.8
2020-01-24 CVE-2019-1352 Improper Input Validation vulnerability in Microsoft Visual Studio 2017
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
8.8
8.8
2020-01-24 CVE-2019-1351 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
network
low complexity
microsoft opensuse CWE-706
7.5
7.5
2020-01-24 CVE-2019-1350 Improper Input Validation vulnerability in Microsoft Visual Studio 2017
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
8.8
8.8
2020-01-24 CVE-2019-1349 Improper Input Validation vulnerability in Microsoft Visual Studio 2017
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'.
network
low complexity
microsoft CWE-20
8.8
8.8