Visual Studio 2022 Microsoft Visual Studio 2022

  1. Vendors
  2. Microsoft
  3. Visual Studio 2022

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Visual Studio 2022.

By the Year

In 2025 there have been 11 vulnerabilities in Microsoft Visual Studio 2022 with an average score of 7.3 out of ten. Last year, in 2024 Visual Studio 2022 had 38 security vulnerabilities published. Right now, Visual Studio 2022 is on track to have less security vulnerabilities in 2025 than it did last year. Last year, the average CVE base score was greater by 0.44




Year Vulnerabilities Average Score
2025 11 7.33
2024 38 7.77
2023 37 7.33
2022 16 7.70
2021 1 8.80
2020 1 6.50
2019 0 0.00
2018 0 0.00

It may take a day or so for new Visual Studio 2022 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Visual Studio 2022 Security Vulnerabilities

Improper neutralization of special elements used in a command ('command injection') in Visual Studio

CVE-2025-32702 7.8 - High - May 13, 2025

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.

Command Injection

Insufficient granularity of access control in Visual Studio

CVE-2025-32703 5.5 - Medium - May 13, 2025

Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.

Information Disclosure

Weak authentication in ASP.NET Core & Visual Studio

CVE-2025-24070 7 - High - March 11, 2025

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

1390

Uncontrolled search path element in Visual Studio

CVE-2025-24998 7.3 - High - March 11, 2025

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

DLL preloading

Uncontrolled search path element in Visual Studio

CVE-2025-25003 7.3 - High - March 11, 2025

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

DLL preloading

Visual Studio Installer Elevation of Privilege Vulnerability

CVE-2025-21206 7.3 - High - February 11, 2025

Visual Studio Installer Elevation of Privilege Vulnerability

DLL preloading

Visual Studio Elevation of Privilege Vulnerability

CVE-2025-21405 7.3 - High - January 14, 2025

Visual Studio Elevation of Privilege Vulnerability

Authorization

.NET Remote Code Execution Vulnerability

CVE-2025-21171 7.5 - High - January 14, 2025

.NET Remote Code Execution Vulnerability

Heap-based Buffer Overflow

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2025-21172 7.5 - High - January 14, 2025

.NET and Visual Studio Remote Code Execution Vulnerability

Integer Overflow or Wraparound

.NET Elevation of Privilege Vulnerability

CVE-2025-21173 7.3 - High - January 14, 2025

.NET Elevation of Privilege Vulnerability

Creation of Temporary File in Directory with Insecure Permissions

Visual Studio Remote Code Execution Vulnerability

CVE-2025-21178 8.8 - High - January 14, 2025

Visual Studio Remote Code Execution Vulnerability

Out-of-bounds Read

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-43498 9.8 - Critical - November 12, 2024

.NET and Visual Studio Remote Code Execution Vulnerability

Object Type Confusion

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-43499 7.5 - High - November 12, 2024

.NET and Visual Studio Denial of Service Vulnerability

Data Amplification

Visual Studio Elevation of Privilege Vulnerability

CVE-2024-49044 6.7 - Medium - November 12, 2024

Visual Studio Elevation of Privilege Vulnerability

Authorization

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-43485 7.5 - High - October 08, 2024

.NET and Visual Studio Denial of Service Vulnerability

Inefficient Algorithmic Complexity

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVE-2024-43483 7.5 - High - October 08, 2024

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Inefficient Algorithmic Complexity

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

CVE-2024-43484 7.5 - High - October 08, 2024

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Inefficient Algorithmic Complexity

Visual Studio Collector Service Denial of Service Vulnerability

CVE-2024-43603 5.5 - Medium - October 08, 2024

Visual Studio Collector Service Denial of Service Vulnerability

insecure temporary file

Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

CVE-2024-43590 7.8 - High - October 08, 2024

Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

Authorization

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-38229 8.1 - High - October 08, 2024

.NET and Visual Studio Remote Code Execution Vulnerability

Dangling pointer

.NET and Visual Studio Information Disclosure Vulnerability

CVE-2024-38167 6.5 - Medium - August 13, 2024

.NET and Visual Studio Information Disclosure Vulnerability

Cleartext Transmission of Sensitive Information

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-38168 7.5 - High - August 13, 2024

.NET and Visual Studio Denial of Service Vulnerability

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

CVE-2024-38081 7.3 - High - July 09, 2024

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-30105 7.5 - High - July 09, 2024

.NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-35264 8.1 - High - July 09, 2024

.NET and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-38095 7.5 - High - July 09, 2024

.NET and Visual Studio Denial of Service Vulnerability

Visual Studio Remote Code Execution Vulnerability

CVE-2024-30052 4.7 - Medium - June 11, 2024

Visual Studio Remote Code Execution Vulnerability

Visual Studio Elevation of Privilege Vulnerability

CVE-2024-29060 6.7 - Medium - June 11, 2024

Visual Studio Elevation of Privilege Vulnerability

.NET and Visual Studio Remote Code Execution Vulnerability

CVE-2024-30045 6.3 - Medium - May 14, 2024

.NET and Visual Studio Remote Code Execution Vulnerability

Visual Studio Denial of Service Vulnerability

CVE-2024-30046 - May 14, 2024

Visual Studio Denial of Service Vulnerability

Race Condition

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28929 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28930 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28931 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28932 - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28933 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28934 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28935 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28936 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28937 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

CVE-2024-28938 8.8 - High - April 09, 2024

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

CVE-2024-21409 7.3 - High - April 09, 2024

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

CVE-2024-21392 7.5 - High - March 12, 2024

.NET and Visual Studio Denial of Service Vulnerability

Microsoft QUIC Denial of Service Vulnerability

CVE-2024-26190 7.5 - High - March 12, 2024

Microsoft QUIC Denial of Service Vulnerability

.NET Denial of Service Vulnerability

CVE-2024-21386 7.5 - High - February 13, 2024

.NET Denial of Service Vulnerability

.NET Denial of Service Vulnerability

CVE-2024-21404 7.5 - High - February 13, 2024

.NET Denial of Service Vulnerability

Microsoft Identity Denial of service vulnerability

CVE-2024-21319 6.8 - Medium - January 09, 2024

Microsoft Identity Denial of service vulnerability

Visual Studio Elevation of Privilege Vulnerability

CVE-2024-20656 7.8 - High - January 09, 2024

Visual Studio Elevation of Privilege Vulnerability

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

CVE-2024-0057 9.8 - Critical - January 09, 2024

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

CVE-2024-0056 8.7 - High - January 09, 2024

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

ASP.NET Core Security Feature Bypass Vulnerability

CVE-2023-36558 5.5 - Medium - November 14, 2023

ASP.NET Core Security Feature Bypass Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft ASP.NET Core or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Visual Studio 2022
Product

subscribe