Vulnerabilities > Microsoft > Visual Studio 2019 > 16.7.3

DATE CVE VULNERABILITY TITLE RISK
2025-05-13 CVE-2025-32702 Command Injection vulnerability in Microsoft Visual Studio 2019
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
local
low complexity
microsoft CWE-77
7.8
2025-05-13 CVE-2025-32703 Insufficient Granularity of Access Control vulnerability in Microsoft Visual Studio 2019
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
local
low complexity
microsoft CWE-1220
5.5
2025-02-11 CVE-2025-21206 Unspecified vulnerability in Microsoft Visual Studio 2019 and Visual Studio 2022
Visual Studio Installer Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.3
2024-10-08 CVE-2024-43590 Unspecified vulnerability in Microsoft Visual Studio 2019 and Visual Studio 2022
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
local
low complexity
microsoft
7.8
2024-10-08 CVE-2024-43603 Unspecified vulnerability in Microsoft products
Visual Studio Collector Service Denial of Service Vulnerability
local
low complexity
microsoft
5.5
2023-11-14 CVE-2023-36042 Resource Exhaustion vulnerability in Microsoft Visual Studio 2019 and Visual Studio 2022
Visual Studio Denial of Service Vulnerability
local
low complexity
microsoft CWE-400
5.5
2023-08-08 CVE-2023-36897 Unspecified vulnerability in Microsoft products
Visual Studio Tools for Office Runtime Spoofing Vulnerability
network
low complexity
microsoft
6.5
2023-04-11 CVE-2023-28299 Unspecified vulnerability in Microsoft Visual Studio 2017
Visual Studio Spoofing Vulnerability
local
low complexity
microsoft
5.5
2022-10-11 CVE-2022-41032 NuGet Client Elevation of Privilege Vulnerability
local
low complexity
microsoft fedoraproject
7.8
2022-04-12 CVE-2022-24767 Uncontrolled Search Path Element vulnerability in multiple products
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
7.8