Microsoft Visual Studio 2017
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Visual Studio 2017.
By the Year
In 2025 there have been 6 vulnerabilities in Microsoft Visual Studio 2017 with an average score of 7.5 out of ten. Last year, in 2024 Visual Studio 2017 had 4 security vulnerabilities published. That is, 2 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.58.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 6 | 7.53 |
| 2024 | 4 | 6.95 |
| 2023 | 14 | 7.22 |
| 2022 | 8 | 8.30 |
| 2021 | 14 | 7.04 |
| 2020 | 28 | 7.36 |
| 2019 | 10 | 7.35 |
| 2018 | 5 | 7.10 |
It may take a day or so for new Visual Studio 2017 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Visual Studio 2017 Security Vulnerabilities
Insufficient granularity of access control in Visual Studio
CVE-2025-32703
5.5 - Medium
- May 13, 2025
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
Information Disclosure
Uncontrolled search path element in Visual Studio
CVE-2025-24998
7.3 - High
- March 11, 2025
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
DLL preloading
Visual Studio Installer Elevation of Privilege Vulnerability
CVE-2025-21206
7.3 - High
- February 11, 2025
Visual Studio Installer Elevation of Privilege Vulnerability
DLL preloading
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21172
7.5 - High
- January 14, 2025
.NET and Visual Studio Remote Code Execution Vulnerability
Integer Overflow or Wraparound
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21176
8.8 - High
- January 14, 2025
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Buffer Over-read
Visual Studio Remote Code Execution Vulnerability
CVE-2025-21178
8.8 - High
- January 14, 2025
Visual Studio Remote Code Execution Vulnerability
Out-of-bounds Read
Visual Studio Collector Service Denial of Service Vulnerability
CVE-2024-43603
5.5 - Medium
- October 08, 2024
Visual Studio Collector Service Denial of Service Vulnerability
insecure temporary file
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVE-2024-43590
7.8 - High
- October 08, 2024
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
Authorization
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-29060
6.7 - Medium
- June 11, 2024
Visual Studio Elevation of Privilege Vulnerability
Visual Studio Elevation of Privilege Vulnerability
CVE-2024-20656
7.8 - High
- January 09, 2024
Visual Studio Elevation of Privilege Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36792
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36796
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36794
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-36793
7.8 - High
- September 12, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Tools for Office Runtime Spoofing Vulnerability
CVE-2023-36897
6.5 - Medium
- August 08, 2023
Visual Studio Tools for Office Runtime Spoofing Vulnerability
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2023-24897
7.8 - High
- June 14, 2023
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Visual Studio Information Disclosure Vulnerability
CVE-2023-33139
5.5 - Medium
- June 14, 2023
Visual Studio Information Disclosure Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-28296
7.8 - High
- April 11, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Spoofing Vulnerability
CVE-2023-28299
5.5 - Medium
- April 11, 2023
Visual Studio Spoofing Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-21808
7.8 - High
- February 14, 2023
.NET and Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-21815
7.8 - High
- February 14, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Denial of Service Vulnerability
CVE-2023-21567
5.6 - Medium
- February 14, 2023
Visual Studio Denial of Service Vulnerability
Visual Studio Elevation of Privilege Vulnerability
CVE-2023-21566
7.8 - High
- February 14, 2023
Visual Studio Elevation of Privilege Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2023-23381
7.8 - High
- February 14, 2023
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2022-41119
7.8 - High
- November 09, 2022
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35777
8.8 - High
- August 09, 2022
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35825
8.8 - High
- August 09, 2022
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826
8.8 - High
- August 09, 2022
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35827
8.8 - High
- August 09, 2022
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
CVE-2022-29148
7.8 - High
- May 10, 2022
Visual Studio Remote Code Execution Vulnerability
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
CVE-2022-24767
7.8 - High
- April 12, 2022
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
DLL preloading
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
CVE-2022-21871
7.8 - High
- January 11, 2022
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
Visual Studio Elevation of Privilege Vulnerability
CVE-2021-42319
4.7 - Medium
- November 10, 2021
Visual Studio Elevation of Privilege Vulnerability
Improper Privilege Management
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-42277
5.5 - Medium
- November 10, 2021
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Improper Privilege Management
Visual Studio Elevation of Privilege Vulnerability
CVE-2021-26434
7.8 - High
- September 15, 2021
Visual Studio Elevation of Privilege Vulnerability
Incorrect Permission Assignment for Critical Resource
Visual Studio Remote Code Execution Vulnerability
CVE-2021-36952
7.8 - High
- September 15, 2021
Visual Studio Remote Code Execution Vulnerability
Memory Corruption
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-26423
7.5 - High
- August 12, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
.NET Core and Visual Studio Information Disclosure Vulnerability
CVE-2021-34485
5 - Medium
- August 12, 2021
.NET Core and Visual Studio Information Disclosure Vulnerability
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28321
7.8 - High
- April 13, 2021
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
insecure temporary file
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28322
7.8 - High
- April 13, 2021
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Improper Privilege Management
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
CVE-2021-28313
7.8 - High
- April 13, 2021
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Improper Privilege Management
Visual Studio Installer Elevation of Privilege Vulnerability
CVE-2021-27064
7.8 - High
- April 13, 2021
Visual Studio Installer Elevation of Privilege Vulnerability
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-1639
7 - High
- February 25, 2021
Visual Studio Code Remote Code Execution Vulnerability
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-1721
6.5 - Medium
- February 25, 2021
.NET Core and Visual Studio Denial of Service Vulnerability
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-1651
7.8 - High
- January 12, 2021
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Improper Privilege Management
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
CVE-2021-1680
7.8 - High
- January 12, 2021
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Improper Privilege Management
Visual Studio Remote Code Execution Vulnerability
CVE-2020-17156
7.8 - High
- December 10, 2020
Visual Studio Remote Code Execution Vulnerability
Visual Studio Tampering Vulnerability
CVE-2020-17100
5.5 - Medium
- November 11, 2020
Visual Studio Tampering Vulnerability
Cure53 DOMPurify before 2.0.17 allows mutation XSS
CVE-2020-26870
6.1 - Medium
- October 07, 2020
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
XSS
<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations
CVE-2020-1130
6.6 - Medium
- September 11, 2020
<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles data operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles data operations.</p>
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2019 or by Microsoft? Click the Watch button to subscribe.
