Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (301 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-29804 1 Microsoft 1 Visual Studio 2022 2026-02-13 7.3 High
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-29802 1 Microsoft 1 Visual Studio 2022 2026-02-13 7.3 High
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-29803 1 Microsoft 7 .vsta Sdk, Sql Server Management Studio, Visual Studio Tools For Applications and 4 more 2026-02-13 7.3 High
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-32702 1 Microsoft 2 Visual Studio 2019, Visual Studio 2022 2026-02-13 7.8 High
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
CVE-2025-21264 1 Microsoft 2 Visual Studio Code, Visual Studio Code Copilot Chat Extension 2026-02-13 7.1 High
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-32703 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2026-02-13 5.5 Medium
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
CVE-2025-26646 4 Apple, Linux, Microsoft and 1 more 9 Macos, Linux Kernel, .net and 6 more 2026-02-13 8 High
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
CVE-2025-49739 1 Microsoft 5 Visual Studio, Visual Studio 2015, Visual Studio 2017 and 2 more 2026-02-13 8.8 High
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-49714 1 Microsoft 2 Python, Visual Studio Code 2026-02-13 7.8 High
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
CVE-2025-53773 2 Github, Microsoft 3 Copilot, Visual Studio, Visual Studio 2022 2026-02-13 7.8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
CVE-2024-35264 2 Microsoft, Redhat 4 .net, Visual Studio, Visual Studio 2022 and 1 more 2026-02-10 8.1 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-68120 2 Go, Microsoft 2 Go, Visual Studio Code 2026-01-06 5.4 Medium
To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.
CVE-2024-30052 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2025-12-17 4.7 Medium
Visual Studio Remote Code Execution Vulnerability
CVE-2024-29060 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2025-12-17 6.7 Medium
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-30105 2 Microsoft, Redhat 5 .net, Powershell, Visual Studio and 2 more 2025-12-09 7.5 High
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38095 2 Microsoft, Redhat 5 .net, Powershell, Visual Studio and 2 more 2025-12-09 7.5 High
.NET and Visual Studio Denial of Service Vulnerability
CVE-2024-38081 1 Microsoft 17 .net, .net Framework, Visual Studio and 14 more 2025-12-09 7.3 High
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2024-35272 1 Microsoft 8 Sql Server, Sql Server 2016, Sql Server 2017 and 5 more 2025-12-09 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2022-24526 1 Microsoft 1 Visual Studio Code 2025-12-09 6.1 Medium
Visual Studio Code Spoofing Vulnerability
CVE-2023-44487 32 Akka, Amazon, Apache and 29 more 367 Http Server, Opensearch Data Prepper, Apisix and 364 more 2025-11-07 7.5 High
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.