This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2018-04-11
Product Visual Studio 2017 Last view 2025-07-08
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:* 71
cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:* 68
cpe:2.3:a:microsoft:visual_studio_2017:15.8:*:*:*:*:*:*:* 63
cpe:2.3:a:microsoft:visual_studio_2017:15.7.5:*:*:*:*:*:*:* 63
cpe:2.3:a:microsoft:visual_studio_2017:15.0:*:*:*:*:*:*:* 63
cpe:2.3:a:microsoft:visual_studio_2017:15.7:*:preview:*:*:*:*:* 62
cpe:2.3:a:microsoft:visual_studio_2017:15.6.6:*:*:*:*:*:*:* 62
cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:* 61
cpe:2.3:a:microsoft:visual_studio_2017:15.8:*:preview:*:*:*:*:* 61

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2025-07-08 CVE-2025-49739

Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
5.5 2025-05-13 CVE-2025-32703

Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
7.3 2025-03-11 CVE-2025-24998

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
7.3 2025-02-11 CVE-2025-21206

Visual Studio Installer Elevation of Privilege Vulnerability
8.8 2025-01-14 CVE-2025-21178

Visual Studio Remote Code Execution Vulnerability
5.5 2024-10-08 CVE-2024-43603

Visual Studio Collector Service Denial of Service Vulnerability
7.8 2024-10-08 CVE-2024-43590

Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
0 2024-06-11 CVE-2024-29060

Visual Studio Elevation of Privilege Vulnerability
7.8 2024-01-09 CVE-2024-20656

Visual Studio Elevation of Privilege Vulnerability
6.5 2023-08-08 CVE-2023-36897

Visual Studio Tools for Office Runtime Spoofing Vulnerability
5.5 2023-06-14 CVE-2023-33139

Visual Studio Information Disclosure Vulnerability
5.5 2023-04-11 CVE-2023-28299

Visual Studio Spoofing Vulnerability
0 2023-04-11 CVE-2023-28296

Visual Studio Remote Code Execution Vulnerability
0 2023-02-14 CVE-2023-23381

Visual Studio Remote Code Execution Vulnerability
0 2023-02-14 CVE-2023-21815

Visual Studio Remote Code Execution Vulnerability
7.8 2023-02-14 CVE-2023-21808

.NET and Visual Studio Remote Code Execution Vulnerability
0 2023-02-14 CVE-2023-21567

Visual Studio Denial of Service Vulnerability
0 2023-02-14 CVE-2023-21566

Visual Studio Elevation of Privilege Vulnerability
0 2022-11-09 CVE-2022-41119

Visual Studio Remote Code Execution Vulnerability
0 2022-08-09 CVE-2022-35827

Visual Studio Remote Code Execution Vulnerability
0 2022-08-09 CVE-2022-35826

Visual Studio Remote Code Execution Vulnerability
0 2022-08-09 CVE-2022-35825

Visual Studio Remote Code Execution Vulnerability
0 2022-08-09 CVE-2022-35777

Visual Studio Remote Code Execution Vulnerability
7.8 2022-05-10 CVE-2022-29148

Visual Studio Remote Code Execution Vulnerability
7.8 2022-04-12 CVE-2022-24767

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.

CWE : Common Weakness Enumeration

%idName
25% (7) CWE-269 Improper Privilege Management
21% (6) CWE-20 Improper Input Validation
10% (3) CWE-59 Improper Link Resolution Before File Access ('Link Following')
7% (2) CWE-427 Uncontrolled Search Path Element
3% (1) CWE-787 Out-of-bounds Write
3% (1) CWE-732 Incorrect Permission Assignment for Critical Resource
3% (1) CWE-706 Use of Incorrectly-Resolved Name or Reference
3% (1) CWE-426 Untrusted Search Path
3% (1) CWE-319 Cleartext Transmission of Sensitive Information
3% (1) CWE-273 Improper Check for Dropped Privileges
3% (1) CWE-200 Information Exposure
3% (1) CWE-125 Out-of-bounds Read
3% (1) CWE-122 Heap-based Buffer Overflow
3% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Snort® IPS/IDS

Date Description
2020-09-17 Microsoft Windows .NET API XML unsafe deserialization attempt
RuleID : 54790 - Type : SERVER-WEBAPP - Revision : 1
2020-09-17 Microsoft Windows .NET API XML unsafe deserialization attempt
RuleID : 54789 - Type : SERVER-WEBAPP - Revision : 1
2020-09-03 Microsoft Windows .NET API XML unsafe deserialization attempt
RuleID : 54684 - Type : SERVER-WEBAPP - Revision : 1
2020-09-02 Microsoft Windows .NET API XML unsafe deserialization attempt
RuleID : 54629 - Type : SERVER-WEBAPP - Revision : 2
2020-08-13 Microsoft Windows .NET API XML unsafe deserialization attempt
RuleID : 54511 - Type : SERVER-WEBAPP - Revision : 1
2018-11-10 Microsoft .NET Resources file remote code execution attempt
RuleID : 48123 - Type : FILE-OTHER - Revision : 1
2018-11-10 Microsoft .NET Resources file remote code execution attempt
RuleID : 48122 - Type : FILE-OTHER - Revision : 1
2018-10-18 Microsoft Windows SystemCollector privilege escalation attempt
RuleID : 47851 - Type : OS-WINDOWS - Revision : 1
2018-10-18 Microsoft Windows SystemCollector privilege escalation attempt
RuleID : 47850 - Type : OS-WINDOWS - Revision : 1