16.5.3

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-10	CVE-2020-17156	Unspecified vulnerability in Microsoft Visual Studio 2017 Visual Studio Remote Code Execution Vulnerability local low complexity microsoft	7.8
2020-11-11	CVE-2020-17100	Unspecified vulnerability in Microsoft Visual Studio 2019 Visual Studio Tampering Vulnerability local low complexity microsoft	5.5
2020-09-15	CVE-2020-8927	Classic Buffer Overflow vulnerability in multiple products A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. network low complexity google debian fedoraproject canonical opensuse microsoft CWE-120	6.5
2020-09-11	CVE-2020-16874	Unspecified vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. local low complexity microsoft	7.8
2020-09-11	CVE-2020-16856	Unspecified vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. local low complexity microsoft	7.8
2020-09-11	CVE-2020-1133	Unspecified vulnerability in Microsoft products <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. local low complexity microsoft	5.5
2020-09-11	CVE-2020-1130	Unspecified vulnerability in Microsoft products <p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. local low complexity microsoft	6.6
2020-08-17	CVE-2020-1597	A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. network low complexity microsoft fedoraproject	7.5
2020-07-14	CVE-2020-1416	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'. network low complexity microsoft CWE-269	8.8
2020-07-14	CVE-2020-1393	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	4.6