Vulnerabilities > Microsoft > Visual Studio 2017 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-17100 | Unspecified vulnerability in Microsoft Visual Studio 2019 Visual Studio Tampering Vulnerability | 5.5 |
| 2020-10-07 | CVE-2020-26870 | Cross-site Scripting vulnerability in multiple products Cure53 DOMPurify before 2.0.17 allows mutation XSS. | 6.1 |
| 2020-09-11 | CVE-2020-1133 | Unspecified vulnerability in Microsoft products <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. | 5.5 |
| 2020-09-11 | CVE-2020-1130 | Unspecified vulnerability in Microsoft products <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. | 6.6 |
| 2020-04-15 | CVE-2020-0900 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Privilege Vulnerability'. | 5.5 |
| 2020-04-15 | CVE-2020-0899 | Unspecified vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019 An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'. | 5.5 |
| 2019-11-12 | CVE-2019-1425 | Link Following vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019 An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'. | 6.5 |
| 2019-07-15 | CVE-2019-1077 | Unspecified vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019 An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'. | 5.0 |
| 2019-04-09 | CVE-2019-0757 | A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. | 6.5 |
| 2019-03-05 | CVE-2019-0657 | Improper Input Validation vulnerability in Microsoft products A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. | 5.9 |