Visual Studio 2017
Vulnerabilities
92
Known exploited
1
Max CVSS
8.8
Top EPSS
0.94243
Severity breakdown
Critical
0
High
74
Medium
17
Low
1
Affected version ranges
15.0.0–15.9.6715.0–15.815.0–15.915.0–15.9.1815.0–15.9.2515.0–15.9.2715.0–15.9.4415.0–15.9.4615.0–15.9.4815.0–15.9.5115.0–15.9.5215.0–15.9.5415.0–15.9.5615.0–15.9.5715.0–15.9.5915.0–15.9.6315.0–15.9.6715.0–15.9.6915.0–15.9.7015.0–15.9.7115.0–15.9.7315.0–15.9.7515.0–15.9.7715.1–15.8
Also matched as (raw): visual_studio_2019,windows_server_2019,.net_core,powershell_core,visual_studio_2015,visual_studio_2017,windows_10,windows_server_2016,visual_studio,visual_studio_2022,.net,windows_server_2022
Top vulnerabilities
CVE-2025-49739Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-21178Visual Studio Remote Code Execution Vulnerability
CVE-2025-21176.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2022-35827Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826Visual Studio Remote Code Execution Vulnerability
CVE-2022-35825Visual Studio Remote Code Execution Vulnerability
CVE-2022-35777Visual Studio Remote Code Execution Vulnerability
CVE-2020-1416An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.
CVE-2020-1147A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
CVE-2019-1354A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.
CVE-2019-1350A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.
CVE-2019-1113A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'.
CVE-2019-0613A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'.
CVE-2024-43590Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-20656Visual Studio Elevation of Privilege Vulnerability
CVE-2023-36796Visual Studio Remote Code Execution Vulnerability
CVE-2023-36794Visual Studio Remote Code Execution Vulnerability
CVE-2023-36793Visual Studio Remote Code Execution Vulnerability
CVE-2023-36792Visual Studio Remote Code Execution Vulnerability
CVE-2023-28296Visual Studio Remote Code Execution Vulnerability
CVE-2023-24897.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2023-23381Visual Studio Remote Code Execution Vulnerability
CVE-2023-21815Visual Studio Remote Code Execution Vulnerability
CVE-2023-21808.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-21566Visual Studio Elevation of Privilege Vulnerability