Security
Headlines
HeadlinesLatestCVEs

Tag

#Visual Studio

CVE-2022-24767: GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account

**Why is this GitHub CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Git for Windows software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

Microsoft Security Response Center
Open in Source
#vulnerability#windows#microsoft#git#Visual Studio#Security Vulnerability
CVE-2021-3711: OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow

*Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?* The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

CVE-2020-1971: OpenSSL: CVE-2020-1971 EDIPARTYNAME NULL pointer de-reference

*Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?* The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

CVE-2021-3449: OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing

*Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?* The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

CVE-2021-3450: OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT

*Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?* The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.