Microsoft Visual Studio 2022 17.14.2

CPE Details

Microsoft Visual Studio 2022 17.14.2
microsoft
visual_studio_2022
17.14.2
2025-07-09
10h35 +00:00
2025-07-09
10h35 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:microsoft:visual_studio_2022:17.14.2:*:*:*:*:-:*:*

Informations

Vendor

microsoft

Product

visual_studio_2022

Version

17.14.2

Target Software

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2025-62214 2025-11-11 17h15 +00:00 Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.
6.7
Moyen
CVE-2025-55315 2025-10-14 15h15 +00:00 Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
9.9
Critique
CVE-2025-55248 2025-10-14 15h15 +00:00 Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
5.7
Moyen
CVE-2025-55240 2025-10-14 15h15 +00:00 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
7.3
Haute
CVE-2025-53773 2025-08-12 16h15 +00:00 Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
7.8
Haute
CVE-2025-49739 2025-07-08 16h58 +00:00 Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
8.8
Haute
CVE-2025-47959 2025-06-13 01h10 +00:00 Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network.
7.1
Haute
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.