Microsoft visual studio 2017 version 15.9 (includes 15.1 - 15.8)

This hub aggregates every CVE we track for Microsoft visual studio 2017 version 15.9 (includes 15.1 - 15.8), a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.

DevTools & CIon-premdev tool

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH9MEDIUM2LOW1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 12 most recently published vulnerabilities affecting Microsoft visual studio 2017 version 15.9 (includes 15.1 - 15.8).

CVE-2020-1161A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.7.5May 21, 2020
CVE-2020-1108A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.7.5May 21, 2020
CVE-2020-0900An elevation of privilege vulnerability exists when the Visual Studio Extension Installer Service improperly handles file operations, aka 'Visual Studio Extension Installer Service Elevation of Pri...5.5Apr 15, 2020
CVE-2020-0899An elevation of privilege vulnerability exists when Microsoft Visual Studio updater service improperly handles file permissions, aka 'Microsoft Visual Studio Elevation of Privilege Vulnerability'.5.5Apr 15, 2020
CVE-2020-0884A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'.3.7Mar 12, 2020
CVE-2020-0810An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations.To exploit the vulnera...7.8Mar 12, 2020
CVE-2020-0793An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege...7.8Mar 12, 2020
CVE-2019-1354A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2...8.8Jan 24, 2020
CVE-2019-1352A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2...8.8Jan 24, 2020
CVE-2019-1351A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.7.5Jan 24, 2020
CVE-2019-1350A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2...8.8Jan 24, 2020
CVE-2019-1349A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2...8.8Jan 24, 2020

Product normalization is registry-driven with AI assist and human review. How it works