Vulnerabilites related to Microsoft - Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
cve-2022-21871
Vulnerability from cvelistv5
Published
2022-01-11 20:22
Modified
2025-01-02 18:22
Severity ?
EPSS score ?
Summary
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21871 | vendor-advisory |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:53:36.400Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21871", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2452", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "ARM64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2452", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2452", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2452", status: "affected", version: "10.0.17763.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1909", vendor: "Microsoft", versions: [ { lessThan: "10.0.18363.2037", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems", ], product: "Windows 10 Version 21H1", vendor: "Microsoft", versions: [ { lessThan: "10.0.19043.1466", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2022", vendor: "Microsoft", versions: [ { lessThan: "10.0.20348.469", status: "affected", version: "10.0.20348.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "ARM64-based Systems", ], product: "Windows 10 Version 20H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19042.1466", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server version 20H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19042.1466", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", "ARM64-based Systems", ], product: "Windows 11 version 21H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.22000.434", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems", ], product: "Windows 10 Version 21H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19043.1466", status: "affected", version: "10.0.19043.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1507", vendor: "Microsoft", versions: [ { lessThan: "10.0.10240.19177", status: "affected", version: "10.0.10240.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1607", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.4886", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.4886", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", ], product: "Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.4886", status: "affected", version: "10.0.14393.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.44", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.25", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.17", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "27551.00", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.17763.2452", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", versionEndExcluding: "10.0.17763.2452", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.2452", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.17763.2452", versionStartIncluding: "10.0.17763.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.18363.2037", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_21H1:*:*:*:*:*:*:x64:*", versionEndExcluding: "10.0.19043.1466", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.20348.469", versionStartIncluding: "10.0.20348.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.19042.1466", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.19042.1466", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*", versionEndExcluding: "10.0.22000.434", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.19043.1466", versionStartIncluding: "10.0.19043.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.10240.19177", versionStartIncluding: "10.0.10240.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", versionEndExcluding: "10.0.14393.4886", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.4886", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*", versionEndExcluding: "10.0.14393.4886", versionStartIncluding: "10.0.14393.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.44", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.7.25", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.17", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", versionEndExcluding: "27551.00", versionStartIncluding: "14.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-01-11T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:22:22.488Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21871", }, ], title: "Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-21871", datePublished: "2022-01-11T20:22:40", dateReserved: "2021-12-14T00:00:00", dateUpdated: "2025-01-02T18:22:22.488Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24767
Vulnerability from cvelistv5
Published
2022-04-12 17:51
Modified
2024-10-01 14:53
Severity ?
EPSS score ?
Summary
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: unspecified |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-24767", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-01-31T15:23:28.548160Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "CWE-427 Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-01T14:53:40.641Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2022 version 17.1", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, { product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { status: "affected", version: "unspecified", }, ], }, ], descriptions: [ { lang: "en", value: "GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-15T19:58:54", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24767", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2022 version 17.1", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", version: { version_data: [ { version_value: "", }, ], }, }, { product_name: "Microsoft Visual Studio 2022 version 17.0", version: { version_data: [ { version_value: "", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767", refsource: "MISC", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24767", datePublished: "2022-04-12T17:51:04", dateReserved: "2022-02-10T00:00:00", dateUpdated: "2024-10-01T14:53:40.641Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34485
Vulnerability from cvelistv5
Published
2021-08-12 18:11
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34485 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.38 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.369Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34485", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.38", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "16.4.25", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.18", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.10", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9)", vendor: "Microsoft", versions: [ { lessThan: "16.10.5", status: "affected", version: "16.10.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell 7.1", vendor: "Microsoft", versions: [ { lessThan: "7.1.4", status: "affected", version: "7.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell 7.0", vendor: "Microsoft", versions: [ { lessThan: "7.0.7", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 2.1", vendor: "Microsoft", versions: [ { lessThan: "2.1.30", status: "affected", version: "2.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.18", status: "affected", version: "3.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.9", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-08-10T07:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET Core and Visual Studio Information Disclosure Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:54:07.748Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34485", }, ], title: ".NET Core and Visual Studio Information Disclosure Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-34485", datePublished: "2021-08-12T18:11:57", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.369Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-42319
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.41 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:30:38.244Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.41", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.21", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.13", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.6", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, ], datePublic: "2021-11-09T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-29T14:47:45.942Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319", }, ], title: "Visual Studio Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-42319", datePublished: "2021-11-10T00:47:41", dateReserved: "2021-10-12T00:00:00", dateUpdated: "2024-08-04T03:30:38.244Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35827
Vulnerability from cvelistv5
Published
2022-08-09 20:12
Modified
2025-01-02 19:34
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.7 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:44:22.086Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-35827", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-21T19:23:43.503677Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-21T19:25:36.725Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.7", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.13", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.50", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "14.0.27552.0", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.18", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.24", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2013 Update 5", vendor: "Microsoft", versions: [ { lessThan: "12.0.40699.0", status: "affected", version: "12.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2012 Update 5", vendor: "Microsoft", versions: [ { lessThan: "11.0.61252.0", status: "affected", version: "11.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.7", versionStartIncluding: "17.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.13", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.50", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", versionEndExcluding: "14.0.27552.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.18", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.24", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "12.0.40699.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "11.0.61252.0", versionStartIncluding: "11.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-08-09T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T19:34:57.317Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827", }, ], title: "Visual Studio Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-35827", datePublished: "2022-08-09T20:12:50", dateReserved: "2022-07-13T00:00:00", dateUpdated: "2025-01-02T19:34:57.317Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27068
Vulnerability from cvelistv5
Published
2021-05-11 19:11
Modified
2024-11-19 14:56
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27068 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) |
Version: 16.0 < publication cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:40:47.252Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27068", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-27068", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-01-08T19:14:30.372062Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T14:56:33.373Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-05-11T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T23:56:45.751Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27068", }, ], title: "Visual Studio Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-27068", datePublished: "2021-05-11T19:11:13", dateReserved: "2021-02-10T00:00:00", dateUpdated: "2024-11-19T14:56:33.373Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24512
Vulnerability from cvelistv5
Published
2022-03-09 17:08
Modified
2025-01-02 18:35
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
Version: 16.0.0 < 16.7.26 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:13:56.019Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: ".NET and Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.26", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.18", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.11", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.7", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.15", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.3", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.23", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.2", vendor: "Microsoft", versions: [ { lessThan: "7.2.2", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.0", vendor: "Microsoft", versions: [ { lessThan: "7.0.9", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.1", vendor: "Microsoft", versions: [ { lessThan: "7.1.6", status: "affected", version: "7.1.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.7.26", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.18", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.11", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.7", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "5.0.15", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.3", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.23", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", versionEndExcluding: "7.2.2", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", versionEndExcluding: "7.0.9", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", versionEndExcluding: "7.1.6", versionStartIncluding: "7.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-03-08T08:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:35:12.932Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET and Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512", }, ], title: ".NET and Visual Studio Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-24512", datePublished: "2022-03-09T17:08:15", dateReserved: "2022-02-05T00:00:00", dateUpdated: "2025-01-02T18:35:12.932Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-42277
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1306/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.0 < 10.0.17763.2300 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:arm64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:30:37.813Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1306/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2300", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2300", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.17763.2300", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1916:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1916:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1916:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1909", vendor: "Microsoft", versions: [ { lessThan: "10.0.18363.1916", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:x86:*", ], platforms: [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems", ], product: "Windows 10 Version 21H1", vendor: "Microsoft", versions: [ { lessThan: "10.0.19043.1348", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.350:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2022", vendor: "Microsoft", versions: [ { lessThan: "10.0.20348.350", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1348:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems", ], product: "Windows 10 Version 2004", vendor: "Microsoft", versions: [ { lessThan: "10.0.19041.1348", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1348:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 2004", vendor: "Microsoft", versions: [ { lessThan: "10.0.19041.1348", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1348:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1348:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", ], product: "Windows 10 Version 20H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19042.1348", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19041.1348:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 20H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.19041.1348", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318:*:*:*:*:*:arm64:*", ], platforms: [ "x64-based Systems", "ARM64-based Systems", ], product: "Windows 11 version 21H2", vendor: "Microsoft", versions: [ { lessThan: "10.0.22000.318", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19119:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19119:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1507", vendor: "Microsoft", versions: [ { lessThan: "10.0.10240.19119", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4770:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4770:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Windows 10 Version 1607", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.4770", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2016", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.4770", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2016 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "10.0.14393.4770", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.41", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.21", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.13", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.6", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "27550.00", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-11-09T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-29T14:47:57.294Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1306/", }, ], title: "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-42277", datePublished: "2021-11-10T00:47:02", dateReserved: "2021-10-12T00:00:00", dateUpdated: "2024-08-04T03:30:37.813Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24464
Vulnerability from cvelistv5
Published
2022-03-09 17:07
Modified
2025-01-02 18:35
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.3 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:13:55.503Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: ".NET and Visual Studio Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.3", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.15", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.23", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.26", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.18", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.11", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.7", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.3", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "5.0.15", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.23", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.7.26", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.18", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.11", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.7", versionStartIncluding: "17.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-03-08T08:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:35:20.325Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET and Visual Studio Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464", }, ], title: ".NET and Visual Studio Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-24464", datePublished: "2022-03-09T17:07:46", dateReserved: "2022-02-05T00:00:00", dateUpdated: "2025-01-02T18:35:20.325Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29117
Vulnerability from cvelistv5
Published
2022-05-10 20:34
Modified
2025-01-02 18:58
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.5 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:10:59.422Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117", }, { name: "FEDORA-2022-d69fee9f38", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/", }, { name: "FEDORA-2022-9a1d5ea33c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/", }, { name: "FEDORA-2022-256d559f0c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.5", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.25", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.17", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.10", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.21", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.1", vendor: "Microsoft", versions: [ { lessThan: "17.1.7", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.14", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.5", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.25", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "5.0.17", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.10", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.21", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.1.7", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.14", versionStartIncluding: "16.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-05-10T08:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:58:09.910Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET and Visual Studio Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29117", }, ], title: ".NET and Visual Studio Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-29117", datePublished: "2022-05-10T20:34:23", dateReserved: "2022-04-12T00:00:00", dateUpdated: "2025-01-02T18:58:09.910Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41355
Vulnerability from cvelistv5
Published
2021-10-13 00:28
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | PowerShell 7.1 |
Version: 7.1.0 < 7.1.5 cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:* |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:08:32.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell 7.1", vendor: "Microsoft", versions: [ { lessThan: "7.1.5", status: "affected", version: "7.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.12", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.5", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.11", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-10-12T07:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET Core and Visual Studio Information Disclosure Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-29T14:52:18.055Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], title: ".NET Core and Visual Studio Information Disclosure Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-41355", datePublished: "2021-10-13T00:28:19", dateReserved: "2021-09-17T00:00:00", dateUpdated: "2024-08-04T03:08:32.217Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30184
Vulnerability from cvelistv5
Published
2022-06-15 21:52
Modified
2025-02-28 19:57
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30184 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:40:47.782Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184", }, { name: "FEDORA-2022-cd37732349", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/", }, { name: "FEDORA-2022-5508547b1e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-30184", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-28T19:25:47.451932Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-28T19:57:01.224Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.6", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.26", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.22", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "17.0.2", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.16", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.11", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.4", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "NuGet.exe", vendor: "Microsoft", versions: [ { lessThan: "6.2.0", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2022 for Mac version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.2", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.6", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.26", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.22", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:macos:*:*", versionEndExcluding: "17.0.2", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.16", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.11", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.4", versionStartIncluding: "17.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*", versionEndExcluding: "6.2.0", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.2", versionStartIncluding: "17.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-06-14T07:00:00.000Z", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Information Disclosure Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T19:03:10.967Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET and Visual Studio Information Disclosure Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30184", }, ], title: ".NET and Visual Studio Information Disclosure Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-30184", datePublished: "2022-06-15T21:52:20.000Z", dateReserved: "2022-05-03T00:00:00.000Z", dateUpdated: "2025-02-28T19:57:01.224Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26434
Vulnerability from cvelistv5
Published
2021-09-15 11:23
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434 | x_refsource_MISC | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1077/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.39 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:26:25.193Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1077/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.39", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "16.4.26", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.19", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.11", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.3", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, ], datePublic: "2021-09-14T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:37:25.359Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1077/", }, ], title: "Visual Studio Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-26434", datePublished: "2021-09-15T11:23:00", dateReserved: "2021-01-29T00:00:00", dateUpdated: "2024-08-03T20:26:25.193Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24513
Vulnerability from cvelistv5
Published
2022-04-15 19:03
Modified
2025-01-02 18:51
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.49 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:13:56.028Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Visual Studio Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.49", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.27", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.23", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "8.10.24", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.16", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.12", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.1", vendor: "Microsoft", versions: [ { lessThan: "17.1.7", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2022 for Mac version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.3", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.49", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.7.27", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.23", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:macos:*:*", versionEndExcluding: "8.10.24", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.16", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.12", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.1.7", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.3", versionStartIncluding: "17.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-04-12T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:51:46.747Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Visual Studio Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513", }, ], title: "Visual Studio Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-24513", datePublished: "2022-04-15T19:03:40", dateReserved: "2022-02-05T00:00:00", dateUpdated: "2025-01-02T18:51:46.747Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21986
Vulnerability from cvelistv5
Published
2022-02-09 16:36
Modified
2025-01-02 18:28
Severity ?
EPSS score ?
Summary
.NET Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) |
Version: 15.0.0 < 16.9.17 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:00:54.541Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: ".NET Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.17", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.10", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.6", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "8.10.18", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.14", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.2", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.17", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.10", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.6", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:macos:*:*", versionEndExcluding: "8.10.18", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "5.0.14", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.2", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-02-08T08:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:28:16.455Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986", }, ], title: ".NET Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-21986", datePublished: "2022-02-09T16:36:32", dateReserved: "2021-12-16T00:00:00", dateUpdated: "2025-01-02T18:28:16.455Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-34716
Vulnerability from cvelistv5
Published
2022-08-09 19:55
Modified
2025-01-02 19:34
Severity ?
EPSS score ?
Summary
.NET Spoofing Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:15:16.112Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: ".NET Spoofing Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.50", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.7", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.24", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.18", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.13", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.8", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.28", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.0", vendor: "Microsoft", versions: [ { lessThan: "7.0.12", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.2", vendor: "Microsoft", versions: [ { lessThan: "7.2.6", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.50", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.7", versionStartIncluding: "17.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.24", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.18", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.13", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.8", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.28", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", versionEndExcluding: "7.0.12", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", versionEndExcluding: "7.2.6", versionStartIncluding: "7.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-08-09T07:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET Spoofing Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Spoofing", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T19:34:26.518Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET Spoofing Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716", }, ], title: ".NET Spoofing Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-34716", datePublished: "2022-08-09T19:55:43", dateReserved: "2022-06-27T00:00:00", dateUpdated: "2025-01-02T19:34:26.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28313
Vulnerability from cvelistv5
Published
2021-04-13 19:32
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28313 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Apr/40 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows 10 Version 1803 |
Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:13.305Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28313", }, { name: "20210419 CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Apr/40", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1803", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1909", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server, version 1909 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems", ], product: "Windows 10 Version 2004", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 2004", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", ], product: "Windows 10 Version 20H2", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 20H2", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-04-13T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T19:21:09.441Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28313", }, { name: "20210419 CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Apr/40", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html", }, ], title: "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-28313", datePublished: "2021-04-13T19:32:49", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:13.305Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43877
Vulnerability from cvelistv5
Published
2021-12-15 14:15
Modified
2024-08-04 04:10
Severity ?
EPSS score ?
Summary
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
Version: 16.0.0 < 16.7.23 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:10:17.113Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.23", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.15", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.8", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.3", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "ASP.NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.22", status: "affected", version: "3.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:asp.net_core:5.0:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "ASP.NET Core 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.13", status: "affected", version: "5.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:asp.net_core:6.0:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "ASP.NET Core 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.101", status: "affected", version: "6.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.1", vendor: "Microsoft", versions: [ { lessThan: "17.1.4", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-12-14T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-29T14:44:33.540Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877", }, ], title: "ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-43877", datePublished: "2021-12-15T14:15:31", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-04T04:10:17.113Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38013
Vulnerability from cvelistv5
Published
2022-09-13 00:00
Modified
2025-03-11 16:10
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Visual Studio 2022 for Mac version 17.3 |
Version: 17.3 < 17.3.5 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:37:42.606Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013", }, { name: "FEDORA-2022-980d492c98", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/", }, { name: "FEDORA-2022-847c67b3cd", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/", }, { name: "FEDORA-2022-d80b1d2827", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/", }, { name: "FEDORA-2022-34a610d9bf", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/", }, { name: "FEDORA-2022-13046bb867", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Visual Studio 2022 for Mac version 17.3", vendor: "Microsoft", versions: [ { lessThan: "17.3.5", status: "affected", version: "17.3", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.3", vendor: "Microsoft", versions: [ { lessThan: "17.3.4", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.29", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.9", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.19", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.25", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.14", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.8", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*", versionEndExcluding: "17.3.5", versionStartIncluding: "17.3", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.3.4", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.29", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.9", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.19", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.25", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.14", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.8", versionStartIncluding: "17.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-09-13T07:00:00.000Z", descriptions: [ { lang: "en-US", value: ".NET Core and Visual Studio Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-11T16:10:17.149Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET Core and Visual Studio Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38013", }, ], title: ".NET Core and Visual Studio Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-38013", datePublished: "2022-09-13T00:00:00", dateReserved: "2022-08-08T00:00:00", dateUpdated: "2025-03-11T16:10:17.149Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35777
Vulnerability from cvelistv5
Published
2022-08-09 19:59
Modified
2025-01-02 19:34
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:44:21.928Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.50", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.24", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.18", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.13", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2012 Update 5", vendor: "Microsoft", versions: [ { lessThan: "11.0.61252.0", status: "affected", version: "11.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2013 Update 5", vendor: "Microsoft", versions: [ { lessThan: "12.0.40699.0", status: "affected", version: "12.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "14.0.27552.0", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.7", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.50", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.24", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.18", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.13", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "11.0.61252.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "12.0.40699.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", versionEndExcluding: "14.0.27552.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.7", versionStartIncluding: "17.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-08-09T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T19:34:57.963Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777", }, ], title: "Visual Studio Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-35777", datePublished: "2022-08-09T19:59:23", dateReserved: "2022-07-13T00:00:00", dateUpdated: "2025-01-02T19:34:57.963Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35826
Vulnerability from cvelistv5
Published
2022-08-09 20:12
Modified
2025-01-02 19:34
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:44:22.069Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-35826", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-21T19:26:13.774576Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-21T19:26:26.305Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.50", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.24", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.18", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.13", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2012 Update 5", vendor: "Microsoft", versions: [ { lessThan: "11.0.61252.0", status: "affected", version: "11.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2013 Update 5", vendor: "Microsoft", versions: [ { lessThan: "12.0.40699.0", status: "affected", version: "12.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "14.0.27552.0", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.7", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.50", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.24", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.18", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.13", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "11.0.61252.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "12.0.40699.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", versionEndExcluding: "14.0.27552.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.7", versionStartIncluding: "17.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-08-09T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T19:34:56.811Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826", }, ], title: "Visual Studio Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-35826", datePublished: "2022-08-09T20:12:36", dateReserved: "2022-07-13T00:00:00", dateUpdated: "2025-01-02T19:34:56.811Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28321
Vulnerability from cvelistv5
Published
2021-04-13 19:32
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Apr/40 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows 10 Version 1803 |
Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:14.051Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321", }, { name: "20210419 CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Apr/40", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1803", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1909", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server, version 1909 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems", ], product: "Windows 10 Version 2004", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 2004", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", ], product: "Windows 10 Version 20H2", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 20H2", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-04-13T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T19:21:13.552Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321", }, { name: "20210419 CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Apr/40", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html", }, ], title: "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-28321", datePublished: "2021-04-13T19:32:55", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:14.051Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29145
Vulnerability from cvelistv5
Published
2022-05-10 20:34
Modified
2025-01-02 18:58
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.5 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:10:59.448Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145", }, { name: "FEDORA-2022-d69fee9f38", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/", }, { name: "FEDORA-2022-9a1d5ea33c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/", }, { name: "FEDORA-2022-256d559f0c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.5", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.25", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.17", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.1", vendor: "Microsoft", versions: [ { lessThan: "17.1.7", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.21", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.10", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.14", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.5", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.25", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "5.0.17", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.1.7", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.21", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.10", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.14", versionStartIncluding: "16.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-05-10T08:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:58:19.924Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET and Visual Studio Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29145", }, ], title: ".NET and Visual Studio Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-29145", datePublished: "2022-05-10T20:34:56", dateReserved: "2022-04-12T00:00:00", dateUpdated: "2025-01-02T18:58:19.924Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28322
Vulnerability from cvelistv5
Published
2021-04-13 19:32
Modified
2024-08-03 21:40
Severity ?
EPSS score ?
Summary
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2021/Apr/40 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Windows 10 Version 1803 |
Version: 10.0.0 < publication cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:* |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:40:14.192Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322", }, { name: "20210419 CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Apr/40", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1803:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1803", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1809", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server 2019 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems", ], product: "Windows 10 Version 1909", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server, version 1909 (Server Core installation)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems", ], product: "Windows 10 Version 2004", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 2004", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:arm64:*", ], platforms: [ "32-bit Systems", "ARM64-based Systems", ], product: "Windows 10 Version 20H2", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", ], product: "Windows Server version 20H2", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "10.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-04-13T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T19:21:14.048Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322", }, { name: "20210419 CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Apr/40", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html", }, ], title: "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-28322", datePublished: "2021-04-13T19:32:56", dateReserved: "2021-03-12T00:00:00", dateUpdated: "2024-08-03T21:40:14.192Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31204
Vulnerability from cvelistv5
Published
2021-05-11 19:11
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31204 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVMWZPF4FR6JPFSNAIDIUDULHZJBVCW6/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWF25Z3CZ6LYCOHZ7FPSFAQ426JUBUZ4/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UV4ITB3SUDGR23G7XALUVKFJMZERFUKF/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFXJPQUYUITJMV75YN3XIGE3KKN5GOCU/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET Core 3.1 |
Version: 3.1 < 3.1.15-servicing.21214.3 cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:55:53.545Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31204", }, { name: "FEDORA-2021-a3c205f5b2", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVMWZPF4FR6JPFSNAIDIUDULHZJBVCW6/", }, { name: "FEDORA-2021-13e3bd248f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ/", }, { name: "FEDORA-2021-721731dc86", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA/", }, { name: "FEDORA-2021-c06b64b5ee", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWF25Z3CZ6LYCOHZ7FPSFAQ426JUBUZ4/", }, { name: "FEDORA-2021-f25eb9e302", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UV4ITB3SUDGR23G7XALUVKFJMZERFUKF/", }, { name: "FEDORA-2021-d551431950", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFXJPQUYUITJMV75YN3XIGE3KKN5GOCU/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.15-servicing.21214.3", status: "affected", version: "3.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.6-servicing.21220.11", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*", ], platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.9", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "8.0", versionType: "custom", }, ], }, ], datePublic: "2021-05-11T07:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T23:57:03.970Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31204", }, { name: "FEDORA-2021-a3c205f5b2", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVMWZPF4FR6JPFSNAIDIUDULHZJBVCW6/", }, { name: "FEDORA-2021-13e3bd248f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ/", }, { name: "FEDORA-2021-721731dc86", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA/", }, { name: "FEDORA-2021-c06b64b5ee", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWF25Z3CZ6LYCOHZ7FPSFAQ426JUBUZ4/", }, { name: "FEDORA-2021-f25eb9e302", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UV4ITB3SUDGR23G7XALUVKFJMZERFUKF/", }, { name: "FEDORA-2021-d551431950", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFXJPQUYUITJMV75YN3XIGE3KKN5GOCU/", }, ], title: ".NET and Visual Studio Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-31204", datePublished: "2021-05-11T19:11:40", dateReserved: "2021-04-14T00:00:00", dateUpdated: "2024-08-03T22:55:53.545Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35825
Vulnerability from cvelistv5
Published
2022-08-09 20:12
Modified
2025-01-02 19:34
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:44:22.119Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-35825", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-21T19:55:18.625937Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-21T19:55:28.427Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.50", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.24", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.18", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.13", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2012 Update 5", vendor: "Microsoft", versions: [ { lessThan: "11.0.61252.0", status: "affected", version: "11.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2013 Update 5", vendor: "Microsoft", versions: [ { lessThan: "12.0.40699.0", status: "affected", version: "12.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2015 Update 3", vendor: "Microsoft", versions: [ { lessThan: "14.0.27552.0", status: "affected", version: "14.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.7", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", versionEndExcluding: "15.9.50", versionStartIncluding: "15.9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.24", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.18", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.13", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "11.0.61252.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update_5:*:*:*:*:*:*", versionEndExcluding: "12.0.40699.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", versionEndExcluding: "14.0.27552.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.7", versionStartIncluding: "17.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-08-09T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T19:34:56.178Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Visual Studio Remote Code Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825", }, ], title: "Visual Studio Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-35825", datePublished: "2022-08-09T20:12:22", dateReserved: "2022-07-13T00:00:00", dateUpdated: "2025-01-02T19:34:56.178Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41032
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2025-02-28 20:53
Severity ?
EPSS score ?
Summary
NuGet Client Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41032 | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.10 |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:35:47.829Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032", }, { name: "FEDORA-2022-f9ca76e479", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3/", }, { name: "FEDORA-2022-7f5f9ede26", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5/", }, { name: "FEDORA-2022-2c37647a9c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41032", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-28T20:23:59.400514Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-28T20:53:42.375Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.10", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.30", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.2", vendor: "Microsoft", versions: [ { lessThan: "17.2.9", status: "affected", version: "17.2.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.20", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.26", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.15", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.3", vendor: "Microsoft", versions: [ { lessThan: "17.3.6", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2022 for Mac version 17.3", vendor: "Microsoft", versions: [ { lessThan: "17.3.7", status: "affected", version: "17.3", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.10", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.30", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.2.9", versionStartIncluding: "17.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.20", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.26", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.15", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.3.6", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*", versionEndExcluding: "17.3.7", versionStartIncluding: "17.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-10-11T07:00:00.000Z", descriptions: [ { lang: "en-US", value: "NuGet Client Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T21:27:14.366Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "NuGet Client Elevation of Privilege Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41032", }, ], title: "NuGet Client Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-41032", datePublished: "2022-10-11T00:00:00.000Z", dateReserved: "2022-09-19T00:00:00.000Z", dateUpdated: "2025-02-28T20:53:42.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23267
Vulnerability from cvelistv5
Published
2022-05-10 20:33
Modified
2025-01-02 18:57
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET Core 3.1 |
Version: 3.1 < 3.1.25 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:36:20.350Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267", }, { name: "FEDORA-2022-d69fee9f38", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/", }, { name: "FEDORA-2022-9a1d5ea33c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/", }, { name: "FEDORA-2022-256d559f0c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.25", status: "affected", version: "3.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.17", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.21", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "8.10.24", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", vendor: "Microsoft", versions: [ { lessThan: "16.11.14", status: "affected", version: "16.11.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.10", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: ".NET 6.0", vendor: "Microsoft", versions: [ { lessThan: "6.0.5", status: "affected", version: "6.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2022 version 17.1", vendor: "Microsoft", versions: [ { lessThan: "17.1.7", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.0", vendor: "Microsoft", versions: [ { lessThan: "7.0.11", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "PowerShell 7.2", vendor: "Microsoft", versions: [ { lessThan: "7.2.4", status: "affected", version: "7.2.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Visual Studio 2022 for Mac version 17.0", vendor: "Microsoft", versions: [ { lessThan: "17.0.3", status: "affected", version: "17.0.0", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", versionEndExcluding: "3.1.25", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "5.0.17", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.9.21", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:macos:*:*", versionEndExcluding: "8.10.24", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", versionEndExcluding: "16.11.14", versionStartIncluding: "16.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.10", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", versionEndExcluding: "6.0.5", versionStartIncluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.1.7", versionStartIncluding: "17.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", versionEndExcluding: "7.0.11", versionStartIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", versionEndExcluding: "7.2.4", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", versionEndExcluding: "17.0.3", versionStartIncluding: "17.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-05-10T07:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET and Visual Studio Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:57:48.914Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: ".NET and Visual Studio Denial of Service Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23267", }, ], title: ".NET and Visual Studio Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-23267", datePublished: "2022-05-10T20:33:32", dateReserved: "2022-01-15T00:00:00", dateUpdated: "2025-01-02T18:57:48.914Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26423
Vulnerability from cvelistv5
Published
2021-08-12 18:11
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26423 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.38 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:26:25.161Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26423", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "15.9.38", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "16.4.25", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.18", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.10", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9)", vendor: "Microsoft", versions: [ { lessThan: "16.10.5", status: "affected", version: "16.10.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*", ], platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "8.10.7", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 2.1", vendor: "Microsoft", versions: [ { lessThan: "2.1.30", status: "affected", version: "2.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.18", status: "affected", version: "3.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.9", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell Core 7.1", vendor: "Microsoft", versions: [ { lessThan: "7.1.4", status: "affected", version: "7.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell Core 7.0", vendor: "Microsoft", versions: [ { lessThan: "7.0.7", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-08-10T07:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET Core and Visual Studio Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:53:54.266Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26423", }, ], title: ".NET Core and Visual Studio Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-26423", datePublished: "2021-08-12T18:11:31", dateReserved: "2021-01-29T00:00:00", dateUpdated: "2024-08-03T20:26:25.161Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34532
Vulnerability from cvelistv5
Published
2021-08-12 18:12
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
ASP.NET Core and Visual Studio Information Disclosure Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | ASP.NET Core 2.1 |
Version: 2.0 < 2.1.29 cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:12:50.394Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:asp.net_core:2.1*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "ASP.NET Core 2.1", vendor: "Microsoft", versions: [ { lessThan: "2.1.29", status: "affected", version: "2.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "ASP.NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.18", status: "affected", version: "3.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:asp.net_core:5.0:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "ASP.NET Core 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.9", status: "affected", version: "5.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "16.4.25", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.18", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.10", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9)", vendor: "Microsoft", versions: [ { lessThan: "16.10.5", status: "affected", version: "16.10.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*", ], platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "8.10.7", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, ], datePublic: "2021-08-10T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "ASP.NET Core and Visual Studio Information Disclosure Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-28T19:54:05.650Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532", }, ], title: "ASP.NET Core and Visual Studio Information Disclosure Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-34532", datePublished: "2021-08-12T18:12:05", dateReserved: "2021-06-09T00:00:00", dateUpdated: "2024-08-04T00:12:50.394Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27064
Vulnerability from cvelistv5
Published
2021-04-13 19:32
Modified
2024-11-19 16:27
Severity ?
EPSS score ?
Summary
Visual Studio Installer Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < publication cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:40:47.169Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-27064", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-19T16:27:41.252755Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-19T16:27:50.268Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-04-13T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Visual Studio Installer Elevation of Privilege Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T19:21:51.866Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064", }, ], title: "Visual Studio Installer Elevation of Privilege Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-27064", datePublished: "2021-04-13T19:32:36", dateReserved: "2021-02-10T00:00:00", dateUpdated: "2024-11-19T16:27:50.268Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31957
Vulnerability from cvelistv5
Published
2021-06-08 22:46
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
ASP.NET Core Denial of Service Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31957 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMHWHRRYDHKM6BIINW5V7OCSW4SDWB4W/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4PRVVLXXQEF4SEJOBV3VRJHGX7YHY2CG/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMAO4NG2OQ4PCXUQWMNSCMYWLIJJY6UY/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVCDYIP4A6DDRT7G6P3ZW6PKNK2DNWJ2/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) |
Version: 16.0 < 16.4.23 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:31.331Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31957", }, { name: "FEDORA-2021-4b3fc547fe", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMHWHRRYDHKM6BIINW5V7OCSW4SDWB4W/", }, { name: "FEDORA-2021-cb4f3ab817", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4PRVVLXXQEF4SEJOBV3VRJHGX7YHY2CG/", }, { name: "FEDORA-2021-1e0e04958d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMAO4NG2OQ4PCXUQWMNSCMYWLIJJY6UY/", }, { name: "FEDORA-2021-e9c84e6d26", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVCDYIP4A6DDRT7G6P3ZW6PKNK2DNWJ2/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "16.4.23", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "16.7.16", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "16.9.7", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.10 (includes 16.0 - 16.9)", vendor: "Microsoft", versions: [ { lessThan: "16.10.1", status: "affected", version: "16.10.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*", ], platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac version 8.10", vendor: "Microsoft", versions: [ { lessThan: "8.10.1", status: "affected", version: "8.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "3.1.16", status: "affected", version: "3.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "5.0.7", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-06-08T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "ASP.NET Core Denial of Service Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-29T14:55:32.372Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31957", }, { name: "FEDORA-2021-4b3fc547fe", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMHWHRRYDHKM6BIINW5V7OCSW4SDWB4W/", }, { name: "FEDORA-2021-cb4f3ab817", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4PRVVLXXQEF4SEJOBV3VRJHGX7YHY2CG/", }, { name: "FEDORA-2021-1e0e04958d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMAO4NG2OQ4PCXUQWMNSCMYWLIJJY6UY/", }, { name: "FEDORA-2021-e9c84e6d26", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVCDYIP4A6DDRT7G6P3ZW6PKNK2DNWJ2/", }, ], title: "ASP.NET Core Denial of Service Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-31957", datePublished: "2021-06-08T22:46:26", dateReserved: "2021-04-30T00:00:00", dateUpdated: "2024-08-03T23:10:31.331Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26701
Vulnerability from cvelistv5
Published
2021-02-25 23:02
Modified
2024-08-03 20:33
Severity ?
EPSS score ?
Summary
.NET Core Remote Code Execution Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPUKFHIGP5YNJRRFWKDJ2XRS4WTFJNNK/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YLFATXASXW4OV2ZBSRP4G55HJH73QPBP/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Microsoft | .NET Core 2.1 |
Version: 2.1 < publication cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:33:40.798Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701", }, { name: "FEDORA-2021-e2d218afe6", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPUKFHIGP5YNJRRFWKDJ2XRS4WTFJNNK/", }, { name: "FEDORA-2021-904d0bd496", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ/", }, { name: "FEDORA-2021-1b22f31541", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4/", }, { name: "FEDORA-2021-138728e59b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YLFATXASXW4OV2ZBSRP4G55HJH73QPBP/", }, { name: "FEDORA-2021-3da33cdc80", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5/", }, { name: "FEDORA-2021-265a3c7cb9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 2.1", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "2.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET Core 3.1", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "3.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: ".NET 5.0", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "5.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.9.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:-:*:*:*:*:macos:*:*", ], platforms: [ "Unknown", ], product: "Visual Studio 2019 for Mac", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "8.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.8:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.8 (includes 16.0 - 16.7)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "16.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell Core 7.1", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "7.1.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "PowerShell Core 7.0", vendor: "Microsoft", versions: [ { lessThan: "publication", status: "affected", version: "7.0.0", versionType: "custom", }, ], }, ], datePublic: "2021-02-09T08:00:00+00:00", descriptions: [ { lang: "en-US", value: ".NET Core Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-29T22:33:26.742Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26701", }, { name: "FEDORA-2021-e2d218afe6", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPUKFHIGP5YNJRRFWKDJ2XRS4WTFJNNK/", }, { name: "FEDORA-2021-904d0bd496", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ/", }, { name: "FEDORA-2021-1b22f31541", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4/", }, { name: "FEDORA-2021-138728e59b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YLFATXASXW4OV2ZBSRP4G55HJH73QPBP/", }, { name: "FEDORA-2021-3da33cdc80", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5/", }, { name: "FEDORA-2021-265a3c7cb9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5/", }, ], title: ".NET Core Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-26701", datePublished: "2021-02-25T23:02:00", dateReserved: "2021-02-05T00:00:00", dateUpdated: "2024-08-03T20:33:40.798Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }