cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-49050,https://securityvulnerability.io/vulnerability/CVE-2024-49050,Visual Studio Code Python Extension Remote Code Execution Vulnerability,"The vulnerability in the Visual Studio Code Python Extension allows for remote code execution, which can be exploited by attackers to execute arbitrary code on the affected system without requiring user interaction. This flaw can potentially lead to significant security breaches, as malicious actors may utilize it to gain unauthorized access to sensitive data or control over systems running the extension. Users of Visual Studio Code are recommended to update their installations and Python extensions to the latest versions provided by Microsoft to mitigate the risk associated with this vulnerability.",Microsoft,Python Extension For Visual Studio Code,8.8,HIGH,0.0010600000387057662,false,false,false,false,,false,false,2024-11-12T18:15:00.000Z,0
CVE-2020-17163,https://securityvulnerability.io/vulnerability/CVE-2020-17163,Visual Studio Code Python Extension Remote Code Execution Vulnerability,Visual Studio Code Python Extension Remote Code Execution Vulnerability,Microsoft,Python Extension For Visual Studio Code,7.8,HIGH,0.001769999973475933,false,false,false,false,,false,false,2023-12-29T17:15:00.000Z,0
CVE-2020-16977,https://securityvulnerability.io/vulnerability/CVE-2020-16977,Visual Studio Code Python Extension Remote Code Execution Vulnerability,"<p>A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>To exploit this vulnerability, an attacker would need to convince a target to open a specially crafted file in Visual Studio Code with the Python extension installed.</p>
<p>The update addresses the vulnerability by modifying the way Visual Studio Code Python extension renders notebook content.</p>
",Microsoft,Python Extension For Visual Studio Code,7,HIGH,0.029650000855326653,false,false,false,false,,false,false,2020-10-16T23:15:00.000Z,0