All the vulnerabilites related to Microsoft - Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
cve-2023-29356
Vulnerability from cvelistv5
Published
2023-06-16 00:44
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft ODBC Driver 17 for SQL Server on Linux |
Version: 17.0.0.0 < 17.10.4.1 cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:45.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.2.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-15T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:53.074Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-29356", "datePublished": "2023-06-16T00:44:27.384Z", "dateReserved": "2023-04-04T22:34:18.384Z", "dateUpdated": "2024-08-02T14:07:45.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32027
Vulnerability from cvelistv5
Published
2023-06-16 00:44
Modified
2024-08-02 15:03
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32027 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft ODBC Driver 17 for SQL Server on Linux |
Version: 17.0.0.0 < 17.10.4.1 cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.681Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32027" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.2.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-15T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:54.773Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32027" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-32027", "datePublished": "2023-06-16T00:44:29.549Z", "dateReserved": "2023-05-01T15:34:52.132Z", "dateUpdated": "2024-08-02T15:03:28.681Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28936
Vulnerability from cvelistv5
Published
2024-04-09 17:00
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28936 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 for (CU 12) |
Version: 16.0.0 < 16.0.4120.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28936", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-01T19:04:55.282290Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:40.417Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.507Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28936" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:04.585Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28936" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28936", "datePublished": "2024-04-09T17:00:28.756Z", "dateReserved": "2024-03-13T01:26:53.037Z", "dateUpdated": "2024-10-09T01:41:04.585Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36793
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36793", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T15:20:19.558478Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:44.719Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2016", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows Server 2019" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:12.204Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36793", "datePublished": "2023-09-12T16:58:40.256Z", "dateReserved": "2023-06-27T15:11:59.872Z", "dateUpdated": "2024-08-02T17:01:09.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41032
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:35
Severity ?
EPSS score ?
Summary
NuGet Client Elevation of Privilege Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.10 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:35:47.829Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032" }, { "name": "FEDORA-2022-f9ca76e479", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3/" }, { "name": "FEDORA-2022-7f5f9ede26", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5/" }, { "name": "FEDORA-2022-2c37647a9c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.10", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.30", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.9", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.20", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.26", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.15", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.6", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.7", "status": "affected", "version": "17.3", "versionType": "custom" } ] } ], "datePublic": "2022-10-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "NuGet Client Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T17:23:42.524Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032" }, { "name": "FEDORA-2022-f9ca76e479", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3/" }, { "name": "FEDORA-2022-7f5f9ede26", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5/" }, { "name": "FEDORA-2022-2c37647a9c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM/" } ], "title": "NuGet Client Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-41032", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:35:47.829Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41119
Vulnerability from cvelistv5
Published
2022-11-09 00:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41119 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.10 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:35:49.466Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41119" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-41119", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T20:17:21.236549Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-07T13:57:30.329Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.10", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.51", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.21", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.16", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-11-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:02:06.120Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41119" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-41119", "datePublished": "2022-11-09T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-07T13:57:30.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28933
Vulnerability from cvelistv5
Published
2024-04-09 17:01
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) |
Version: 16.11.0 < 16.11.35 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28933", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-22T15:37:19.711302Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:12.885Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.181Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:48.973Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28933", "datePublished": "2024-04-09T17:01:13.955Z", "dateReserved": "2024-03-13T01:26:53.034Z", "dateUpdated": "2024-10-09T01:41:48.973Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36792
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36792", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-28T14:00:38.974579Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-28T14:00:45.881Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.977Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2016", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2012" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows Server 2022", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows Server 2019" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2016", "Windows 10 Version 1607 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:12.722Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36792", "datePublished": "2023-09-12T16:58:40.779Z", "dateReserved": "2023-06-27T15:11:59.871Z", "dateUpdated": "2024-08-02T17:01:09.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43590
Vulnerability from cvelistv5
Published
2024-10-08 17:36
Modified
2024-12-10 18:46
Severity ?
EPSS score ?
Summary
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43590 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Visual C++ Redistributable Installer |
Version: 10.0.0 < 14.40.33816 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43590", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:34:14.182011Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T18:34:32.825Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Visual C++ Redistributable Installer", "vendor": "Microsoft", "versions": [ { "lessThan": "14.40.33816", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.67", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.41", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_c_plus_plus_redistributable_installer:*:*:*:*:*:*:*:*", "versionEndExcluding": "14.40.33816", "versionStartIncluding": "10.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", "versionEndExcluding": "15.9.67", "versionStartIncluding": "15.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.11.41", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual C++ Redistributable Installer Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:46:23.393Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual C++ Redistributable Installer Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43590" } ], "title": "Visual C++ Redistributable Installer Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43590", "datePublished": "2024-10-08T17:36:14.169Z", "dateReserved": "2024-08-14T01:08:33.548Z", "dateUpdated": "2024-12-10T18:46:23.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36794
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.57 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36794", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T15:55:22.038287Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T15:55:32.545Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.543Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016 (Server Core installation)", "Windows Server 2016", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2022", "Windows Server 2022 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:11.685Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36794", "datePublished": "2023-09-12T16:58:39.719Z", "dateReserved": "2023-06-27T15:11:59.873Z", "dateUpdated": "2024-08-02T17:01:09.543Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-23381
Vulnerability from cvelistv5
Published
2023-02-14 20:09
Modified
2024-08-02 10:28
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23381 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) |
Version: 16.11.0 < 16.11.24 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-23381", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-23T17:49:25.568186Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-23T17:49:29.460Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T10:28:40.951Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23381" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.24", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.19", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.13", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.52", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.5", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40700.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27555.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-02-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:05:38.184Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23381" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-23381", "datePublished": "2023-02-14T20:09:59.470Z", "dateReserved": "2023-01-11T22:08:03.134Z", "dateUpdated": "2024-08-02T10:28:40.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33139
Vulnerability from cvelistv5
Published
2023-06-13 23:25
Modified
2024-10-02 16:39
Severity ?
EPSS score ?
Summary
Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.55 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:39:35.318Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-33139", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-02T16:39:22.157046Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-02T16:39:30.480Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.55", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.27", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40702.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27554.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:51.371Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139" } ], "title": "Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-33139", "datePublished": "2023-06-13T23:25:55.404Z", "dateReserved": "2023-05-17T21:16:44.896Z", "dateUpdated": "2024-10-02T16:39:30.480Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36897
Vulnerability from cvelistv5
Published
2023-08-08 17:08
Modified
2024-09-11 18:58
Severity ?
EPSS score ?
Summary
Visual Studio Tools for Office Runtime Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36897 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Office 2019 |
Version: 19.0.0 < https://aka.ms/OfficeSecurityReleases cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.643Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Tools for Office Runtime Spoofing Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36897" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-36897", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-11T18:55:48.486878Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T18:58:02.478Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Office 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "19.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft 365 Apps for Enterprise", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "16.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems", "32-bit Systems" ], "product": "Microsoft Office LTSC 2021", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "16.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.56", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.18", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.29", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.10", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.6", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2010_tools_for_office_runtime:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2010 Tools for Office Runtime", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.60910", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-08-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Tools for Office Runtime Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:33:03.908Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Tools for Office Runtime Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36897" } ], "title": "Visual Studio Tools for Office Runtime Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36897", "datePublished": "2023-08-08T17:08:53.174Z", "dateReserved": "2023-06-27T20:28:49.988Z", "dateUpdated": "2024-09-11T18:58:02.478Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28931
Vulnerability from cvelistv5
Published
2024-04-09 17:00
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28931 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 for (CU 12) |
Version: 16.0.0 < 16.0.4120.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28931", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-25T00:11:41.299849Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:59.642Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.172Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28931" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:03.578Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28931" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28931", "datePublished": "2024-04-09T17:00:27.649Z", "dateReserved": "2024-03-13T01:26:53.031Z", "dateUpdated": "2024-10-09T01:41:03.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-34716
Vulnerability from cvelistv5
Published
2022-08-09 19:55
Modified
2024-08-03 09:15
Severity ?
EPSS score ?
Summary
.NET Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:15:16.112Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Spoofing Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.50", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.7", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.24", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.18", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.13", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.8", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.28", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.12", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.6", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-08-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-20T21:27:59.001Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716" } ], "title": ".NET Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-34716", "datePublished": "2022-08-09T19:55:43", "dateReserved": "2022-06-27T00:00:00", "dateUpdated": "2024-08-03T09:15:16.112Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29349
Vulnerability from cvelistv5
Published
2023-06-16 00:44
Modified
2024-08-02 14:07
Severity ?
EPSS score ?
Summary
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft OLE DB Driver 18 for SQL Server |
Version: 18.0.0 < 18.6.0006.0 cpe:2.3:a:microsoft:ole_db_driver_18_for_sql_server:-:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:45.660Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:ole_db_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft OLE DB Driver 18 for SQL Server", "vendor": "Microsoft", "versions": [ { "lessThan": "18.6.0006.0", "status": "affected", "version": "18.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:ole_db_driver_19_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft OLE DB Driver 19 for SQL Server", "vendor": "Microsoft", "versions": [ { "lessThan": "19.3.0001.0", "status": "affected", "version": "19.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.2.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-15T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:55.324Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349" } ], "title": "Microsoft ODBC and OLE DB Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-29349", "datePublished": "2023-06-16T00:44:38.243Z", "dateReserved": "2023-04-04T22:34:18.382Z", "dateUpdated": "2024-08-02T14:07:45.660Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28937
Vulnerability from cvelistv5
Published
2024-04-09 17:01
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28937 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2019 (GDR) |
Version: 15.0.0 < 15.0.2110.4 cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28937", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-22T20:00:06.674591Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:48.747Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28937" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:50.635Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28937" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28937", "datePublished": "2024-04-09T17:01:15.620Z", "dateReserved": "2024-03-13T01:26:53.037Z", "dateUpdated": "2024-10-09T01:41:50.635Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42277
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277 | x_refsource_MISC | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1306/ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Windows 10 Version 1809 |
Version: 10.0.0 < 10.0.17763.2300 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:arm64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:37.813Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1306/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1809", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.2300", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.2300", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2019 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.17763.2300", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1916:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1916:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1916:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 1909", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.18363.1916", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1348:*:*:*:*:*:x86:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems", "32-bit Systems" ], "product": "Windows 10 Version 21H1", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19043.1348", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.350:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2022", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.20348.350", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1348:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems", "x64-based Systems" ], "product": "Windows 10 Version 2004", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19041.1348", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1348:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server version 2004", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19041.1348", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1348:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1348:*:*:*:*:*:arm64:*" ], "platforms": [ "32-bit Systems", "ARM64-based Systems" ], "product": "Windows 10 Version 20H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19042.1348", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19041.1348:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server version 20H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.19041.1348", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318:*:*:*:*:*:arm64:*" ], "platforms": [ "x64-based Systems", "ARM64-based Systems" ], "product": "Windows 11 version 21H2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.22000.318", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19119:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19119:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1507", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19119", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4770:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4770:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Windows 10 Version 1607", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.4770", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.4770", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Windows Server 2016 (Server Core installation)", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.4770", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.41", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.21", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.13", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.6", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "27550.00", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-11-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:47:57.294Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42277" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1306/" } ], "title": "Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-42277", "datePublished": "2021-11-10T00:47:02", "dateReserved": "2021-10-12T00:00:00", "dateUpdated": "2024-08-04T03:30:37.813Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29117
Vulnerability from cvelistv5
Published
2022-05-10 20:34
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.5 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:10:59.422Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.5", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.25", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.17", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.10", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.21", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.14", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2022-05-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:27:38.581Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29117" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-29117", "datePublished": "2022-05-10T20:34:23", "dateReserved": "2022-04-12T00:00:00", "dateUpdated": "2024-08-03T06:10:59.422Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-30184
Vulnerability from cvelistv5
Published
2022-06-15 21:52
Modified
2024-09-10 15:57
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.6 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:40:47.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184" }, { "name": "FEDORA-2022-cd37732349", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/" }, { "name": "FEDORA-2022-5508547b1e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.6", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.26", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.22", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.2", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.16", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.11", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.4", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet.exe", "vendor": "Microsoft", "versions": [ { "lessThan": "6.2.0", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.2", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-06-14T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-10T15:57:25.636Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30184" }, { "name": "FEDORA-2022-cd37732349", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNH4AC3LFVX35MDRX5OBZDGD2AMH66K/" }, { "name": "FEDORA-2022-5508547b1e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2/" } ], "title": ".NET and Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-30184", "datePublished": "2022-06-15T21:52:20", "dateReserved": "2022-05-03T00:00:00", "dateUpdated": "2024-09-10T15:57:25.636Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32026
Vulnerability from cvelistv5
Published
2023-06-16 00:44
Modified
2024-08-02 15:03
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft ODBC Driver 17 for SQL Server on MacOS |
Version: 17.0.0.0 < 17.10.4.1 cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.617Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.2.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-15T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:54.201Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-32026", "datePublished": "2023-06-16T00:44:29.037Z", "dateReserved": "2023-05-01T15:34:52.131Z", "dateUpdated": "2024-08-02T15:03:28.617Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-29145
Vulnerability from cvelistv5
Published
2022-05-10 20:34
Modified
2024-08-03 06:10
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.5 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:10:59.448Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.5", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.25", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.17", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.21", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.10", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.14", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2022-05-10T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:27:48.275Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29145" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-29145", "datePublished": "2022-05-10T20:34:56", "dateReserved": "2022-04-12T00:00:00", "dateUpdated": "2024-08-03T06:10:59.448Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-41089
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 12:35
Severity ?
EPSS score ?
Summary
.NET Framework Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.11 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:35:49.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.11", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.22", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.17", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.3", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.12", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.32", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.1", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.9", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.2", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows 8.1 for 32-bit systems", "Windows Server 2016", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012", "Windows Server 2016 (Server Core installation)", "Windows 7 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows 7 for 32-bit Systems Service Pack 1", "Windows Server 2012 R2 (Server Core installation)", "Windows RT 8.1", "Windows 10 Version 1607 for 32-bit Systems", "Windows 8.1 for x64-based systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "04590.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4590.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "04590.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "04590.04", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 21H1 for ARM64-based Systems", "Windows 10 Version 21H1 for x64-based Systems", "Windows 10 Version 21H1 for 32-bit Systems", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 20H2 for 32-bit Systems", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "04590.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "04590.04", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4590.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019 (Server Core installation)", "Windows Server 2019", "Windows 10 Version 1809 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "04010.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04590.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H1 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H1 for 32-bit Systems", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H1 for x64-based Systems", "Windows 10 Version 20H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "09115.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "9115.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "04590.04", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 8.1 for x64-based systems", "Windows 8.1 for 32-bit systems", "Windows Server 2012 R2", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows 7 for 32-bit Systems Service Pack 1", "Windows 7 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "30729.8953", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 7 for 32-bit Systems Service Pack 1", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)", "Windows 8.1 for 32-bit systems", "Windows 7 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows RT 8.1", "Windows 8.1 for x64-based systems" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "04010.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4010.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04590.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04010.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "30729.8953", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "04010.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "04010.03", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6/4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19624", "status": "affected", "version": "10.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-12-13T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Framework Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T13:57:58.533Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089" } ], "title": ".NET Framework Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-41089", "datePublished": "2022-12-13T00:00:00", "dateReserved": "2022-09-19T00:00:00", "dateUpdated": "2024-08-03T12:35:49.218Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0057
Vulnerability from cvelistv5
Published
2024-01-09 17:56
Modified
2024-10-08 15:39
Severity ?
EPSS score ?
Summary
NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 8.0 |
Version: 1.0.0 < 8.0.1 cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:41:15.867Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240208-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "8.0.1", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.15", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.26", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.34", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:5.11.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet 5.11.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.11.6.0", "status": "affected", "version": "5.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:17.4.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet 17.4.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.3.0", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:17.6.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NUGET 17.6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.2.0", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:nuget:17.8.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "NuGet 17.8.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.1.0", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.18", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.3", "vendor": "Microsoft", "versions": [ { "lessThan": "7.3.11", "status": "affected", "version": "7.3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.4", "vendor": "Microsoft", "versions": [ { "lessThan": "7.4.2", "status": "affected", "version": "7.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04690.01", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04690.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2016" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.6614", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04081.02", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04081.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "3.0.50727.8976", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 23H2 for ARM64-based Systems", "Windows 11 Version 23H2 for x64-based Systems", "Windows Server 2022, 23H2 Edition (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09214.01", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8976", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.50727.8976", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:39:52.262Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057" } ], "title": "NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-0057", "datePublished": "2024-01-09T17:56:59.552Z", "dateReserved": "2023-11-22T17:43:37.319Z", "dateUpdated": "2024-10-08T15:39:52.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35827
Vulnerability from cvelistv5
Published
2022-08-09 20:12
Modified
2024-10-21 19:25
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.7 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:44:22.086Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-35827", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-21T19:23:43.503677Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-21T19:25:36.725Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.7", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.13", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.50", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27552.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.18", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.24", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40699.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2012 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "11.0.61252.0", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-08-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-20T21:28:24.514Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-35827", "datePublished": "2022-08-09T20:12:50", "dateReserved": "2022-07-13T00:00:00", "dateUpdated": "2024-10-21T19:25:36.725Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24513
Vulnerability from cvelistv5
Published
2022-04-15 19:03
Modified
2024-08-03 04:13
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.49 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:13:56.028Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.49", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.27", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.23", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "8.10.24", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.16", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.12", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.3", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-04-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-24T18:27:57.538Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24513" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-24513", "datePublished": "2022-04-15T19:03:40", "dateReserved": "2022-02-05T00:00:00", "dateUpdated": "2024-08-03T04:13:56.028Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21815
Vulnerability from cvelistv5
Published
2023-02-14 20:09
Modified
2024-08-02 09:51
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.52 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-21815", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T16:14:09.107938Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T16:14:19.107Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:51.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.52", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.13", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.24", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.19", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40700.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27555.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.5", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] } ], "datePublic": "2023-02-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:05:20.733Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-21815", "datePublished": "2023-02-14T20:09:31.025Z", "dateReserved": "2022-12-16T22:13:41.244Z", "dateUpdated": "2024-08-02T09:51:51.156Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32028
Vulnerability from cvelistv5
Published
2023-06-16 00:44
Modified
2024-08-02 15:03
Severity ?
EPSS score ?
Summary
Microsoft SQL OLE DB Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32028 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft OLE DB Driver 19 for SQL Server |
Version: 19.0.0 < 19.3.0001.0 cpe:2.3:a:microsoft:ole_db_driver_19_for_sql_server:-:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.848Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft OLE DB Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32028" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:ole_db_driver_19_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft OLE DB Driver 19 for SQL Server", "vendor": "Microsoft", "versions": [ { "lessThan": "19.3.0001.0", "status": "affected", "version": "19.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:ole_db_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft OLE DB Driver 18 for SQL Server", "vendor": "Microsoft", "versions": [ { "lessThan": "18.6.0006.0", "status": "affected", "version": "18.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-15T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft SQL OLE DB Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:55.906Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft OLE DB Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32028" } ], "title": "Microsoft SQL OLE DB Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-32028", "datePublished": "2023-06-16T00:44:30.155Z", "dateReserved": "2023-05-01T15:34:52.132Z", "dateUpdated": "2024-08-02T15:03:28.848Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36759
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36759 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.19 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.258Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36759" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.19", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.11", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.7.4", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.7", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-822", "description": "CWE-822: Untrusted Pointer Dereference", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:02.027Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36759" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36759", "datePublished": "2023-09-12T16:58:29.748Z", "dateReserved": "2023-06-27T15:11:59.867Z", "dateUpdated": "2024-08-02T17:01:09.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-36796
Vulnerability from cvelistv5
Published
2023-09-12 16:58
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.6 |
Version: 17.6.0 < 17.6.9 cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-36796", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T18:14:53.378773Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:25:47.414Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T17:01:09.624Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.9", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.7", "vendor": "Microsoft", "versions": [ { "lessThan": "17.7.6", "status": "affected", "version": "17.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.57", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.21", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.30", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.13", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40707.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27559.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.13", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.24", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2016", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04667.02", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.6252", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04063.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.09186.01", "status": "affected", "version": "4.8.1", "versionType": "custom" }, { "lessThan": "4.8.09186.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04063.01", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for x64-based Systems", "Windows 10 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.20162", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:2.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 2.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.0:sp2:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2" ], "product": "Microsoft .NET Framework 3.0 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:3.5.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 3.5.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.0.30729.8957", "status": "affected", "version": "3.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:41:11.166Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-36796", "datePublished": "2023-09-12T16:58:39.186Z", "dateReserved": "2023-06-27T15:11:59.873Z", "dateUpdated": "2024-08-02T17:01:09.624Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35826
Vulnerability from cvelistv5
Published
2022-08-09 20:12
Modified
2024-10-21 19:26
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:44:22.069Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-35826", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-21T19:26:13.774576Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-21T19:26:26.305Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.50", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.24", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.18", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.13", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2012 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "11.0.61252.0", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40699.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27552.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.7", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-08-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-20T21:28:24.007Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-35826", "datePublished": "2022-08-09T20:12:36", "dateReserved": "2022-07-13T00:00:00", "dateUpdated": "2024-10-21T19:26:26.305Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30052
Vulnerability from cvelistv5
Published
2024-06-11 17:00
Modified
2024-08-02 01:25
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.63 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-30052", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T18:40:08.702742Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T18:40:17.085Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:25:02.976Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.63", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.37", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.20", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.16", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.11", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.2", "status": "affected", "version": "17.10", "versionType": "custom" } ] } ], "datePublic": "2024-06-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-693", "description": "CWE-693: Protection Mechanism Failure", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T21:13:46.822Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30052" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-30052", "datePublished": "2024-06-11T17:00:10.658Z", "dateReserved": "2024-03-22T23:12:13.409Z", "dateUpdated": "2024-08-02T01:25:02.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-26434
Vulnerability from cvelistv5
Published
2021-09-15 11:23
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434 | x_refsource_MISC | |
https://www.zerodayinitiative.com/advisories/ZDI-21-1077/ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.39 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:26:25.193Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1077/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.39", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.4.26", "status": "affected", "version": "16.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.19", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.11", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.3", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2021-09-14T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-28T19:37:25.359Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26434" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1077/" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-26434", "datePublished": "2021-09-15T11:23:00", "dateReserved": "2021-01-29T00:00:00", "dateUpdated": "2024-08-03T20:26:25.193Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-43877
Vulnerability from cvelistv5
Published
2021-12-15 14:15
Modified
2024-08-04 04:10
Severity ?
EPSS score ?
Summary
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
Version: 16.0.0 < 16.7.23 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:10:17.113Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.23", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.15", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.8", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.3", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.22", "status": "affected", "version": "3.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:5.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.13", "status": "affected", "version": "5.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:asp.net_core:6.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "ASP.NET Core 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.101", "status": "affected", "version": "6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.4", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-12-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:44:33.540Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877" } ], "title": "ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-43877", "datePublished": "2021-12-15T14:15:31", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2024-08-04T04:10:17.113Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28938
Vulnerability from cvelistv5
Published
2024-04-09 17:01
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28938 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 for (CU 12) |
Version: 16.0.0 < 16.0.4120.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28938", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-10T17:30:59.430193Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:20.638Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.355Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28938" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:51.130Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28938" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28938", "datePublished": "2024-04-09T17:01:16.170Z", "dateReserved": "2024-03-13T01:26:53.037Z", "dateUpdated": "2024-10-09T01:41:51.130Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41355
Vulnerability from cvelistv5
Published
2021-10-13 00:28
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355 | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | PowerShell 7.1 |
Version: 7.1.0 < 7.1.5 cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:32.217Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.1", "vendor": "Microsoft", "versions": [ { "lessThan": "7.1.5", "status": "affected", "version": "7.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.12", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.5", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.11", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-10-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Core and Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:52:18.055Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41355" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" } ], "title": ".NET Core and Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-41355", "datePublished": "2021-10-13T00:28:19", "dateReserved": "2021-09-17T00:00:00", "dateUpdated": "2024-08-04T03:08:32.217Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21986
Vulnerability from cvelistv5
Published
2022-02-09 16:36
Modified
2024-08-03 03:00
Severity ?
EPSS score ?
Summary
.NET Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) |
Version: 15.0.0 < 16.9.17 cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:00:54.541Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.17", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.10", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.6", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "8.10.18", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.14", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.2", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-02-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:41:26.052Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21986" } ], "title": ".NET Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-21986", "datePublished": "2022-02-09T16:36:32", "dateReserved": "2021-12-16T00:00:00", "dateUpdated": "2024-08-03T03:00:54.541Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24512
Vulnerability from cvelistv5
Published
2022-03-09 17:08
Modified
2024-08-03 04:13
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) |
Version: 16.0.0 < 16.7.26 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:13:56.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.26", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.18", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.11", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.15", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.3", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.23", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.2", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.9", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.1", "vendor": "Microsoft", "versions": [ { "lessThan": "7.1.6", "status": "affected", "version": "7.1.0", "versionType": "custom" } ] } ], "datePublic": "2022-03-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:31:55.947Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-24512", "datePublished": "2022-03-09T17:08:15", "dateReserved": "2022-02-05T00:00:00", "dateUpdated": "2024-08-03T04:13:56.019Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28299
Vulnerability from cvelistv5
Published
2023-04-11 19:13
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
Visual Studio Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28299 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.54 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:23.931Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Spoofing Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28299" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.54", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.15", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.26", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.21", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.7", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.5", "vendor": "Microsoft", "versions": [ { "lessThan": "17.5.4", "status": "affected", "version": "17.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-04-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:56:38.064Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28299" } ], "title": "Visual Studio Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-28299", "datePublished": "2023-04-11T19:13:59.381Z", "dateReserved": "2023-03-13T22:23:36.189Z", "dateUpdated": "2024-08-02T12:38:23.931Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28262
Vulnerability from cvelistv5
Published
2023-04-11 19:13
Modified
2024-10-07 15:40
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28262 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.15 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:30:24.747Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28262" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-28262", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-07T15:40:10.106998Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-07T15:40:19.632Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.15", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.26", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.21", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.7", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.5", "vendor": "Microsoft", "versions": [ { "lessThan": "17.5.4", "status": "affected", "version": "17.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-04-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:56:35.985Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28262" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-28262", "datePublished": "2023-04-11T19:13:57.191Z", "dateReserved": "2023-03-13T22:18:32.393Z", "dateUpdated": "2024-10-07T15:40:19.632Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28929
Vulnerability from cvelistv5
Published
2024-04-09 17:00
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28929 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2019 (CU 25) |
Version: 15.0.0 < 15.0.4360.2 cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28929", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-22T16:11:54.498743Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-29T20:29:04.530Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.116Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28929" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:03.086Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28929" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28929", "datePublished": "2024-04-09T17:00:27.042Z", "dateReserved": "2024-03-13T01:26:53.031Z", "dateUpdated": "2024-10-09T01:41:03.086Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21566
Vulnerability from cvelistv5
Published
2023-02-14 20:09
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21566 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.13 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-21566", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-03T20:49:49.481846Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-03T20:49:58.715Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.415Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21566" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.13", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.52", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.5", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.19", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.24", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2023-02-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:05:07.136Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21566" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-21566", "datePublished": "2023-02-14T20:09:08.856Z", "dateReserved": "2022-12-01T14:00:11.204Z", "dateUpdated": "2024-08-02T09:44:01.415Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21808
Vulnerability from cvelistv5
Published
2023-02-14 20:09
Modified
2024-08-02 09:51
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) |
Version: 16.11.0 < 16.11.24 cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:50.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.24", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.19", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.52", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.5", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.13", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27555.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40700.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.3", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.14", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.10", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2022", "Windows Server 2019 (Server Core installation)", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 10 Version 20H2 for 32-bit Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows Server 2022 (Server Core installation)", "Windows Server 2019", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 22H2 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.04614.06", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "10.0.4614.06", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "10.0.04614.05", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2016" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.04038.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "10.0.14393.5717", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04614.08", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04038.05", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04038.03", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.04038.02", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2012 R2", "Windows Server 2012 (Server Core installation)", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.04614.05", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.04614.03", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.4614.08", "status": "affected", "version": "4.8.0", "versionType": "custom" }, { "lessThan": "4.8.4614.07", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022 (Server Core installation)", "Windows Server 2022", "Windows 10 Version 20H2 for 32-bit Systems", "Windows 10 Version 20H2 for ARM64-based Systems", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 22H2 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.09139.02", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04038.06", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4038.05", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19747", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] } ], "datePublic": "2023-02-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:05:18.735Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808" } ], "title": ".NET and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-21808", "datePublished": "2023-02-14T20:09:27.030Z", "dateReserved": "2022-12-16T22:13:41.241Z", "dateUpdated": "2024-08-02T09:51:50.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28930
Vulnerability from cvelistv5
Published
2024-04-09 17:01
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2019 (CU 25) |
Version: 15.0.0 < 15.0.4360.2 cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28930", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-18T15:43:31.008624Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-08T15:35:37.350Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:48.369Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28930", "datePublished": "2024-04-09T17:01:13.416Z", "dateReserved": "2024-03-13T01:26:53.031Z", "dateUpdated": "2024-10-09T01:41:48.369Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28296
Vulnerability from cvelistv5
Published
2023-04-11 19:13
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28296 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.54 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:24.531Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28296" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.54", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.15", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.26", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.21", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.7", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.5", "vendor": "Microsoft", "versions": [ { "lessThan": "17.5.4", "status": "affected", "version": "17.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-04-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-415", "description": "CWE-415: Double Free", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:56:37.551Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28296" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-28296", "datePublished": "2023-04-11T19:13:58.852Z", "dateReserved": "2023-03-13T22:23:36.188Z", "dateUpdated": "2024-08-02T12:38:24.531Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-43603
Vulnerability from cvelistv5
Published
2024-10-08 17:36
Modified
2024-12-10 18:46
Severity ?
EPSS score ?
Summary
Visual Studio Collector Service Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43603 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.11 |
Version: 17.11 < 17.11.5 |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-43603", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-08T18:35:39.922024Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-08T19:27:12.025Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.5", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.67", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.41", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.20", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.15", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.8", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27561.00", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.5", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", "versionEndExcluding": "15.9.67", "versionStartIncluding": "15.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.11.41", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.20", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.15", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.8", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:update3:*:*:*:*:*:*", "versionEndExcluding": "14.0.27561.00", "versionStartIncluding": "14.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-10-08T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Collector Service Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T18:46:26.201Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Collector Service Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43603" } ], "title": "Visual Studio Collector Service Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-43603", "datePublished": "2024-10-08T17:36:17.098Z", "dateReserved": "2024-08-14T01:08:33.551Z", "dateUpdated": "2024-12-10T18:46:26.201Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35777
Vulnerability from cvelistv5
Published
2022-08-09 19:59
Modified
2024-08-03 09:44
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:44:21.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.50", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.24", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.18", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.13", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2012 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "11.0.61252.0", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40699.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27552.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.7", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-08-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-20T21:28:07.977Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-35777", "datePublished": "2022-08-09T19:59:23", "dateReserved": "2022-07-13T00:00:00", "dateUpdated": "2024-08-03T09:44:21.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-35825
Vulnerability from cvelistv5
Published
2022-08-09 20:12
Modified
2024-10-21 19:55
Severity ?
EPSS score ?
Summary
Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.50 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T09:44:22.119Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-35825", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-21T19:55:18.625937Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-21T19:55:28.427Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.50", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.24", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.18", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.13", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2012:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2012 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "11.0.61252.0", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40699.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27552.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.7", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-08-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-20T21:28:23.433Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825" } ], "title": "Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-35825", "datePublished": "2022-08-09T20:12:22", "dateReserved": "2022-07-13T00:00:00", "dateUpdated": "2024-10-21T19:55:28.427Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28935
Vulnerability from cvelistv5
Published
2024-04-09 17:01
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2019 (CU 25) |
Version: 15.0.0 < 15.0.4360.2 cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28935", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-12T12:55:55.302963Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:37.151Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.452Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:50.105Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28935", "datePublished": "2024-04-09T17:01:15.096Z", "dateReserved": "2024-03-13T01:26:53.036Z", "dateUpdated": "2024-10-09T01:41:50.105Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28263
Vulnerability from cvelistv5
Published
2023-04-11 19:13
Modified
2024-08-02 12:30
Severity ?
EPSS score ?
Summary
Visual Studio Information Disclosure Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28263 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.15 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-28263", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-12T15:43:42.993245Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-12T15:43:49.201Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T12:30:24.687Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28263" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.15", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.26", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.21", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.7", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.5", "vendor": "Microsoft", "versions": [ { "lessThan": "17.5.4", "status": "affected", "version": "17.5.0", "versionType": "custom" } ] } ], "datePublic": "2023-04-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-170", "description": "CWE-170: Improper Null Termination", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T01:56:36.505Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Information Disclosure Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28263" } ], "title": "Visual Studio Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-28263", "datePublished": "2023-04-11T19:13:57.714Z", "dateReserved": "2023-03-13T22:18:32.393Z", "dateUpdated": "2024-08-02T12:30:24.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-29060
Vulnerability from cvelistv5
Published
2024-06-11 16:59
Modified
2024-08-02 01:03
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.10 |
Version: 17.10 < 17.10.2 cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-29060", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-11T18:59:22.420493Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-11T18:59:37.398Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.658Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.2", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.63", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.37", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.20", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.16", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.11", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-06-11T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T21:13:25.945Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-29060", "datePublished": "2024-06-11T16:59:48.371Z", "dateReserved": "2024-03-14T23:05:27.954Z", "dateUpdated": "2024-08-02T01:03:51.658Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28932
Vulnerability from cvelistv5
Published
2024-04-09 17:00
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28932 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 for (CU 12) |
Version: 16.0.0 < 16.0.4120.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28932", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T18:08:26.723573Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T18:08:37.536Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.356Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28932" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:04.136Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28932" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28932", "datePublished": "2024-04-09T17:00:28.215Z", "dateReserved": "2024-03-13T01:26:53.031Z", "dateUpdated": "2024-10-09T01:41:04.136Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28934
Vulnerability from cvelistv5
Published
2024-04-09 17:01
Modified
2024-10-09 01:41
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28934 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft SQL Server 2022 for (CU 12) |
Version: 16.0.0 < 16.0.4120.1 cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:18.0:*:*:*:*:linux:*:*" ], "defaultStatus": "unknown", "product": "odbc_driver_for_sql_server", "vendor": "microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0", "versionType": "semver" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "sql_server", "vendor": "microsoft", "versions": [ { "status": "affected", "version": "15.0.2000.5" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-28934", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-23T15:04:37.242018Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:03:16.066Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:03:51.518Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28934" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 for (CU 12)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4120.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (CU 25)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4360.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2110.4", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1115.1", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.6.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.3.3.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.35", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.18", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.9", "vendor": "Microsoft", "versions": [ { "lessThan": "17.9.6", "status": "affected", "version": "17.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.14", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.9", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:49.555Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28934" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-28934", "datePublished": "2024-04-09T17:01:14.516Z", "dateReserved": "2024-03-13T01:26:53.036Z", "dateUpdated": "2024-10-09T01:41:49.555Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21567
Vulnerability from cvelistv5
Published
2023-02-14 20:09
Modified
2024-08-02 09:44
Severity ?
EPSS score ?
Summary
Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21567 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2022 version 17.2 |
Version: 17.2.0 < 17.2.13 cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-21567", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T15:38:10.306172Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:19:47.290Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T09:44:01.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21567" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.13", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.19", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.24", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.52", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.5", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] } ], "datePublic": "2023-02-14T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:05:07.715Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21567" } ], "title": "Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-21567", "datePublished": "2023-02-14T20:09:09.644Z", "dateReserved": "2022-12-01T14:00:11.204Z", "dateUpdated": "2024-08-02T09:44:01.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-24897
Vulnerability from cvelistv5
Published
2023-06-14 14:52
Modified
2024-09-27 19:43
Severity ?
EPSS score ?
Summary
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.55 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:11:43.453Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-24897", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-27T19:43:18.398305Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-27T19:43:32.943Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.55", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.16", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.27", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.22", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.8", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2013:update_5:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2013 Update 5", "vendor": "Microsoft", "versions": [ { "lessThan": "12.0.40700.0", "status": "affected", "version": "12.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27555.0", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.7", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.18", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.3", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.12", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 10 Version 1809 for 32-bit Systems", "Windows Server 2019 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems", "Windows Server 2019", "Windows 10 Version 1809 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows 10 Version 1607 for 32-bit Systems", "Windows Server 2012", "Windows Server 2016", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2012 R2 (Server Core installation)", "Windows Server 2012 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.8", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.8.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 Version 1809 for 32-bit Systems", "Windows 10 Version 1809 for x64-based Systems", "Windows 10 Version 1809 for ARM64-based Systems", "Windows Server 2019", "Windows Server 2019 (Server Core installation)" ], "product": "Microsoft .NET Framework 3.5 AND 4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.8.4644.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2016", "Windows 10 Version 1607 for x64-based Systems", "Windows Server 2016 (Server Core installation)", "Windows 10 Version 1607 for 32-bit Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.14393.5989", "status": "affected", "version": "3.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.7.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows Server 2012", "Windows Server 2012 (Server Core installation)", "Windows Server 2012 R2", "Windows Server 2012 R2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.8.1:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2022", "Windows Server 2022 (Server Core installation)", "Windows 11 version 21H2 for x64-based Systems", "Windows 10 Version 21H2 for 32-bit Systems", "Windows 10 Version 21H2 for ARM64-based Systems", "Windows 11 version 21H2 for ARM64-based Systems", "Windows 10 Version 21H2 for x64-based Systems", "Windows 11 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for x64-based Systems", "Windows 10 Version 22H2 for 32-bit Systems", "Windows 11 Version 22H2 for ARM64-based Systems", "Windows 10 Version 22H2 for ARM64-based Systems" ], "product": "Microsoft .NET Framework 3.5 AND 4.8.1", "vendor": "Microsoft", "versions": [ { "lessThan": "4.8.9166.0", "status": "affected", "version": "4.8.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)", "Windows Server 2008 for 32-bit Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2", "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)" ], "product": "Microsoft .NET Framework 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "4.7.04043.0", "status": "affected", "version": "4.7.0", "versionType": "custom" }, { "lessThan": "4.7.4050.0", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:4.6.2:*:*:*:*:*:*:*" ], "platforms": [ "Windows 10 for 32-bit Systems", "Windows 10 for x64-based Systems" ], "product": "Microsoft .NET Framework 3.5 and 4.6.2", "vendor": "Microsoft", "versions": [ { "lessThan": "10.0.10240.19983", "status": "affected", "version": "4.7.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:45.757Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897" } ], "title": ".NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-24897", "datePublished": "2023-06-14T14:52:10.089Z", "dateReserved": "2023-01-31T20:32:35.472Z", "dateUpdated": "2024-09-27T19:43:32.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-35272
Vulnerability from cvelistv5
Published
2024-07-09 17:02
Modified
2024-12-10 19:15
Severity ?
EPSS score ?
Summary
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272 | vendor-advisory |
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-35272", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T18:38:18.225584Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-09T18:38:24.277Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T03:07:46.938Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.66", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.40", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.19", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.14", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.10", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.7", "status": "affected", "version": "17.10", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.11", "vendor": "Microsoft", "versions": [ { "lessThan": "17.11.3", "status": "affected", "version": "17.11", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2019 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.2116.2", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "13.0.6441.1", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "vendor": "Microsoft", "versions": [ { "lessThan": "13.0.7037.1", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2017 (CU 31)", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.3471.2", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] }, { "platforms": [ "x64-based Systems" ], "product": "Microsoft SQL Server 2022 (GDR)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.1121.4", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft SQL Server 2019 for x64-based Systems (CU 27)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.0.4382.1", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "platforms": [ "Unknown" ], "product": "Microsoft SQL Server 2022 for (CU 13)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.0.4131.2", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", "versionEndExcluding": "15.9.66", "versionStartIncluding": "15.9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.11.40", "versionStartIncluding": "16.11.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.6.19", "versionStartIncluding": "17.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.8.14", "versionStartIncluding": "17.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.10.7", "versionStartIncluding": "17.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.11.3", "versionStartIncluding": "17.11", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "15.0.2116.2", "versionStartIncluding": "15.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:sp3:*:*:*:*:x64:*", "versionEndExcluding": "13.0.6441.1", "versionStartIncluding": "13.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:sp3:*:*:*:*:x64:*", "versionEndExcluding": "13.0.7037.1", "versionStartIncluding": "13.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:-:*:*:*:*:x64:*", "versionEndExcluding": "14.0.3471.2", "versionStartIncluding": "14.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "16.0.1121.4", "versionStartIncluding": "16.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "15.0.4382.1", "versionStartIncluding": "15.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:microsoft:sql_server:*:*:*:*:*:*:x64:*", "versionEndExcluding": "16.0.4131.2", "versionStartIncluding": "16.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "datePublic": "2024-07-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-10T19:15:07.508Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272" } ], "title": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-35272", "datePublished": "2024-07-09T17:02:44.609Z", "dateReserved": "2024-05-14T20:14:47.415Z", "dateUpdated": "2024-12-10T19:15:07.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-20656
Vulnerability from cvelistv5
Published
2024-01-09 17:57
Modified
2024-10-08 15:39
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.59 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-20656", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-01-30T18:27:10.585358Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-18T20:58:39.220Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:59:42.344Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.59", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2015 Update 3", "vendor": "Microsoft", "versions": [ { "lessThan": "14.0.27560.00", "status": "affected", "version": "14.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-01-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-08T15:39:54.529Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Visual Studio Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-20656", "datePublished": "2024-01-09T17:57:01.850Z", "dateReserved": "2023-11-28T22:58:12.114Z", "dateUpdated": "2024-10-08T15:39:54.529Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24767
Vulnerability from cvelistv5
Published
2022-04-12 17:51
Modified
2024-10-01 14:53
Severity ?
EPSS score ?
Summary
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: unspecified |
||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:50.454Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2022-24767", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-01-31T15:23:28.548160Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-427", "description": "CWE-427 Uncontrolled Search Path Element", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-01T14:53:40.641Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u00e2\u20ac\u201c 16.6)", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] }, { "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "unspecified" } ] } ], "descriptions": [ { "lang": "en", "value": "GitHub: Git for Windows\u0027 uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account." } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-15T19:58:54", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24767", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Visual Studio 2022 version 17.1", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u00e2\u20ac\u201c 16.6)", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "version": { "version_data": [ { "version_value": "" } ] } }, { "product_name": "Microsoft Visual Studio 2022 version 17.0", "version": { "version_data": [ { "version_value": "" } ] } } ] }, "vendor_name": "Microsoft" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GitHub: Git for Windows\u0027 uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of Privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24767" } ] } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24767", "datePublished": "2022-04-12T17:51:04", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-10-01T14:53:40.641Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32025
Vulnerability from cvelistv5
Published
2023-06-16 00:44
Modified
2024-08-02 15:03
Severity ?
EPSS score ?
Summary
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft ODBC Driver 17 for SQL Server on Linux |
Version: 17.0.0.0 < 17.10.4.1 cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:03:28.785Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on MacOS", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.2.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_18_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 18 for SQL Server on Linux", "vendor": "Microsoft", "versions": [ { "lessThan": "18.2.1.1", "status": "affected", "version": "18.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:odbc_driver_17_for_sql_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft ODBC Driver 17 for SQL Server on Windows", "vendor": "Microsoft", "versions": [ { "lessThan": "17.10.4.1", "status": "affected", "version": "17.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.33", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.23", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.4", "vendor": "Microsoft", "versions": [ { "lessThan": "17.4.15", "status": "affected", "version": "17.4.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.6", "vendor": "Microsoft", "versions": [ { "lessThan": "17.6.11", "status": "affected", "version": "17.6.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.8", "vendor": "Microsoft", "versions": [ { "lessThan": "17.8.4", "status": "affected", "version": "17.8.0", "versionType": "custom" } ] } ], "datePublic": "2023-06-15T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-19T20:21:53.646Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025" } ], "title": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-32025", "datePublished": "2023-06-16T00:44:28.480Z", "dateReserved": "2023-05-01T15:34:52.131Z", "dateUpdated": "2024-08-02T15:03:28.785Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38013
Vulnerability from cvelistv5
Published
2022-09-13 00:00
Modified
2024-08-03 10:37
Severity ?
EPSS score ?
Summary
.NET Core and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013 | ||
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/ | vendor-advisory | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/ | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Visual Studio 2022 for Mac version 17.3 |
Version: 17.3 < 17.3.5 cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:* |
||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:37:42.606Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013" }, { "name": "FEDORA-2022-980d492c98", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/" }, { "name": "FEDORA-2022-847c67b3cd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/" }, { "name": "FEDORA-2022-d80b1d2827", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/" }, { "name": "FEDORA-2022-34a610d9bf", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/" }, { "name": "FEDORA-2022-13046bb867", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.5", "status": "affected", "version": "17.3", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.3:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.3", "vendor": "Microsoft", "versions": [ { "lessThan": "17.3.4", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.29", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.9", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.19", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.25", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.14", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.2", "vendor": "Microsoft", "versions": [ { "lessThan": "17.2.8", "status": "affected", "version": "17.2.0", "versionType": "custom" } ] } ], "datePublic": "2022-09-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET Core and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:11:38.022Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013" }, { "name": "FEDORA-2022-980d492c98", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE/" }, { "name": "FEDORA-2022-847c67b3cd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL334CKOHA6BQQSYJW365HIWJ4IOE45M/" }, { "name": "FEDORA-2022-d80b1d2827", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y/" }, { "name": "FEDORA-2022-34a610d9bf", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG/" }, { "name": "FEDORA-2022-13046bb867", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY/" } ], "title": ".NET Core and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-38013", "datePublished": "2022-09-13T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:37:42.606Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24464
Vulnerability from cvelistv5
Published
2022-03-09 17:07
Modified
2024-08-03 04:13
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET 6.0 |
Version: 6.0.0 < 6.0.3 cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:* |
||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:13:55.503Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.3", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.15", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.23", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.26", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.18", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.11", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-03-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:31:56.437Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": ".NET and Visual Studio Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24464" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-24464", "datePublished": "2022-03-09T17:07:46", "dateReserved": "2022-02-05T00:00:00", "dateUpdated": "2024-08-03T04:13:55.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23267
Vulnerability from cvelistv5
Published
2022-05-10 20:33
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
.NET and Visual Studio Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | .NET Core 3.1 |
Version: 3.1 < 3.1.25 cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:36:20.350Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:.net_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET Core 3.1", "vendor": "Microsoft", "versions": [ { "lessThan": "3.1.25", "status": "affected", "version": "3.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 5.0", "vendor": "Microsoft", "versions": [ { "lessThan": "5.0.17", "status": "affected", "version": "5.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.21", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:8.10:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2019 for Mac version 8.10", "vendor": "Microsoft", "versions": [ { "lessThan": "8.10.24", "status": "affected", "version": "8.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.14", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.10", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:.net:6.0.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": ".NET 6.0", "vendor": "Microsoft", "versions": [ { "lessThan": "6.0.5", "status": "affected", "version": "6.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2022 version 17.1", "vendor": "Microsoft", "versions": [ { "lessThan": "17.1.7", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell_core:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.0", "vendor": "Microsoft", "versions": [ { "lessThan": "7.0.11", "status": "affected", "version": "7.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:powershell:7.2:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "PowerShell 7.2", "vendor": "Microsoft", "versions": [ { "lessThan": "7.2.4", "status": "affected", "version": "7.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2022:17.0:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Visual Studio 2022 for Mac version 17.0", "vendor": "Microsoft", "versions": [ { "lessThan": "17.0.3", "status": "affected", "version": "17.0.0", "versionType": "custom" } ] } ], "datePublic": "2022-05-10T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": ".NET and Visual Studio Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:27:19.793Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267" }, { "name": "FEDORA-2022-d69fee9f38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB/" }, { "name": "FEDORA-2022-9a1d5ea33c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO/" }, { "name": "FEDORA-2022-256d559f0c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY/" } ], "title": ".NET and Visual Studio Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-23267", "datePublished": "2022-05-10T20:33:32", "dateReserved": "2022-01-15T00:00:00", "dateUpdated": "2024-08-03T03:36:20.350Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42319
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
Visual Studio Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) |
Version: 15.9.0 < 15.9.41 cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.244Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "15.9.41", "status": "affected", "version": "15.9.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.7.21", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:16.9:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.9.13", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "vendor": "Microsoft", "versions": [ { "lessThan": "16.11.6", "status": "affected", "version": "16.11.0", "versionType": "custom" } ] } ], "datePublic": "2021-11-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Visual Studio Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:47:45.942Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42319" } ], "title": "Visual Studio Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-42319", "datePublished": "2021-11-10T00:47:41", "dateReserved": "2021-10-12T00:00:00", "dateUpdated": "2024-08-04T03:30:38.244Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }