Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (119 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-21256 1 Microsoft 1 Visual Studio 2022 2026-02-20 8.8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.
CVE-2026-21257 1 Microsoft 1 Visual Studio 2022 2026-02-20 8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.
CVE-2025-47959 1 Microsoft 2 Visual Studio, Visual Studio 2022 2026-02-20 7.1 High
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network.
CVE-2025-30399 4 Apple, Linux, Microsoft and 1 more 8 Macos, Linux Kernel, .net and 5 more 2026-02-20 7.5 High
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
CVE-2025-55248 4 Apple, Linux, Microsoft and 1 more 22 Macos, Linux Kernel, .net and 19 more 2026-02-13 4.8 Medium
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
CVE-2025-55240 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2026-02-13 7.3 High
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-55315 2 Microsoft, Redhat 4 Asp.net Core, Visual Studio, Visual Studio 2022 and 1 more 2026-02-13 9.9 Critical
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
CVE-2025-62214 1 Microsoft 2 Visual Studio, Visual Studio 2022 2026-02-13 6.7 Medium
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
CVE-2025-21172 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, .net and 7 more 2026-02-13 7.5 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21405 1 Microsoft 1 Visual Studio 2022 2026-02-13 7.3 High
Visual Studio Elevation of Privilege Vulnerability
CVE-2025-21173 3 Linux, Microsoft, Redhat 5 Linux Kernel, .net, Visual Studio 2022 and 2 more 2026-02-13 7.3 High
.NET Elevation of Privilege Vulnerability
CVE-2025-21178 1 Microsoft 4 Visual Studio 2015, Visual Studio 2017, Visual Studio 2019 and 1 more 2026-02-13 8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2025-21176 4 Apple, Linux, Microsoft and 1 more 25 Macos, Linux Kernel, .net and 22 more 2026-02-13 8.8 High
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21171 4 Apple, Linux, Microsoft and 1 more 7 Macos, Linux Kernel, .net and 4 more 2026-02-13 7.5 High
.NET Remote Code Execution Vulnerability
CVE-2025-21206 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2026-02-13 7.3 High
Visual Studio Installer Elevation of Privilege Vulnerability
CVE-2025-25003 1 Microsoft 2 Visual Studio 2019, Visual Studio 2022 2026-02-13 7.3 High
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-24998 1 Microsoft 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 2026-02-13 7.3 High
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-24070 2 Microsoft, Redhat 4 Asp.net Core, Visual Studio 2022, Enterprise Linux and 1 more 2026-02-13 7 High
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26682 1 Microsoft 2 Asp.net Core, Visual Studio 2022 2026-02-13 7.5 High
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2025-29804 1 Microsoft 1 Visual Studio 2022 2026-02-13 7.3 High
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.