cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-43590,https://securityvulnerability.io/vulnerability/CVE-2024-43590,Elevation of Privilege Vulnerability Affects Visual C++ Users,"An elevation of privilege vulnerability exists within the Visual C++ Redistributable Installer, allowing attackers to exploit this flaw to gain elevated permissions on affected systems. This vulnerability can potentially enable unauthorized access and control over system resources, impacting system security and integrity. Users and administrators are advised to review their installed versions of the Visual C++ Redistributable and apply necessary patches in order to mitigate associated risks.",Microsoft,"Visual C++ Redistributable Installer,Microsoft Visual Studio 2017 Version 15.9 (includes 15.0 - 15.8),Microsoft Visual Studio 2019 Version 16.11 (includes 16.0 - 16.10),Microsoft Visual Studio 2022 Version 17.6,Microsoft Visual Studio 2022 Version 17.8,Microsoft Visual Studio 2022 Version 17.10,Microsoft Visual Studio 2022 Version 17.11",7.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-10-08T17:36:14.169Z,0
CVE-2024-38158,https://securityvulnerability.io/vulnerability/CVE-2024-38158,Remote Code Execution Vulnerability in Azure IoT SDK,"A vulnerability has been identified in the Azure IoT SDK which allows for remote code execution. An attacker who successfully exploits this vulnerability could execute arbitrary code on the affected system, posing a considerable risk to resources and data integrity. Organizations utilizing the Azure IoT SDK need to be aware of this issue and implement necessary updates and patches to safeguard their IoT environments.",Microsoft,C Sdk For Azure Iot,7,HIGH,0.000590000010561198,false,false,false,false,,false,false,2024-08-13T17:30:24.362Z,0
CVE-2024-35255,https://securityvulnerability.io/vulnerability/CVE-2024-35255,Elevation of Privilege Vulnerability Affects Azure Identity Libraries,Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability,Microsoft,"Azure Identity Library For .net,Microsoft Authentication Library,Azure Identity Library,Azure Identity Library For Java,Azure Identity Library For Javascript,Azure Identity Library For C++,Azure Identity Library For Python",5.5,MEDIUM,0.0004799999878741801,false,false,false,false,,false,false,2024-06-11T16:59:47.754Z,0
CVE-2023-36566,https://securityvulnerability.io/vulnerability/CVE-2023-36566,Microsoft Common Data Model SDK Denial of Service Vulnerability,Microsoft Common Data Model SDK Denial of Service Vulnerability,Microsoft,"Microsoft Common Data Model Sdk For Java,Microsoft Common Data Model Sdk For Typescript,Microsoft Common Data Model Sdk For Python,Microsoft Common Data Model Sdk For C#",6.5,MEDIUM,0.00046999999904073775,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0
CVE-2020-17002,https://securityvulnerability.io/vulnerability/CVE-2020-17002,Azure SDK for C Security Feature Bypass Vulnerability,Azure SDK for C Security Feature Bypass Vulnerability,Microsoft,"Azure-c-shared-utility,Azure-c-shared-utility Release Lts 07 2020 Ref02,Azure-c-shared-utility Release Lts 02 2020 Ref02,Azure-uaMQp-c,Azure-uMQtt-c,Azure-uhttp-c,Azure-utpm-c,Azure-uaMQp-c Release Lts 07 2020 Ref02,Azure-uMQtt-c Release Lts 07 2020 Ref02,Azure-uhttp-c Release Lts 07 2020 Ref02,Azure-utpm-c Release Lts 07 2020 Ref02,Azure-uaMQp-c Release Lts 02 2020 Ref02,Azure-uMQtt-c Release Lts 02 2020 Ref02,Azure-uhttp-c Release Lts 02 2020 Ref02,Azure-utpm-c Release Lts 02 2020 Ref02,C Sdk For Azure Iot Release Lts 07 2020 Ref02,C Sdk For Azure Iot Release Lts 02 2020 Ref02,C Sdk For Azure Iot",7.4,HIGH,0.003370000049471855,false,false,false,false,,false,false,2020-12-10T00:15:00.000Z,0
CVE-2019-5917,https://securityvulnerability.io/vulnerability/CVE-2019-5917,,azure-umqtt-c (available through GitHub prior to 2017 October 6) allows remote attackers to cause a denial of service via unspecified vectors.,Microsoft,Azure-uMQtt-c,7.5,HIGH,0.004530000034719706,false,false,false,false,,false,false,2019-03-12T21:00:00.000Z,0
CVE-2018-8479,https://securityvulnerability.io/vulnerability/CVE-2018-8479,,"A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka ""Azure IoT SDK Spoofing Vulnerability."" This affects C SDK.",Microsoft,C Sdk,5.6,MEDIUM,0.0015899999998509884,false,false,false,false,,false,false,2018-09-13T00:00:00.000Z,0
CVE-2018-0599,https://securityvulnerability.io/vulnerability/CVE-2018-0599,,Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.,Microsoft,The Installer Of Visual C++ Redistributable,7.8,HIGH,0.027400000020861626,false,false,false,false,,false,false,2018-06-26T14:00:00.000Z,0
CVE-2018-8119,https://securityvulnerability.io/vulnerability/CVE-2018-8119,,"A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka ""Azure IoT SDK Spoofing Vulnerability."" This affects C# SDK, C SDK, Java SDK.",Microsoft,"C# Sdk,C Sdk,Java Sdk",5.6,MEDIUM,0.0015899999998509884,false,false,false,false,,false,false,2018-05-09T19:00:00.000Z,0
CVE-2009-2495,https://securityvulnerability.io/vulnerability/CVE-2009-2495,,"The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka ""ATL Null String Vulnerability.""",Microsoft,"Visual C\+\+,Visual Studio .net,Visual Studio",,,0.176269993185997,false,false,false,false,,false,false,2009-07-29T17:00:00.000Z,0
CVE-2009-0901,https://securityvulnerability.io/vulnerability/CVE-2009-0901,,"The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka ""ATL Uninitialized Object Vulnerability.""",Microsoft,"Visual C\+\+,Visual Studio .net,Visual Studio",,,0.8499600291252136,false,false,false,false,,false,false,2009-07-29T17:00:00.000Z,0
CVE-2009-2493,https://securityvulnerability.io/vulnerability/CVE-2009-2493,,"The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka ""ATL COM Initialization Vulnerability.""",Microsoft,Visual C\+\+,,,0.7119699716567993,false,false,false,false,,false,false,2009-07-29T17:00:00.000Z,0
CVE-2007-0842,https://securityvulnerability.io/vulnerability/CVE-2007-0842,,"The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions.  However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition.",Microsoft,"Visual Studio,Visual C\+\+",,,0.01063000038266182,false,false,false,false,,false,false,2007-02-13T11:00:00.000Z,0
CVE-2004-0200,https://securityvulnerability.io/vulnerability/CVE-2004-0200,,"Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.",Microsoft,"Frontpage,Visual J\# .net,Visual C\+\+,Digital Image Pro,Visual Studio .net,Project,Visual Basic,Picture It,Powerpoint,Office,Outlook,Digital Image Suite,Infopath,Publisher,Word,Excel,Visio,Greetings,Onenote,Visual C\#,Producer,.net Framework",,,0.9617199897766113,false,false,false,false,,false,false,2004-09-28T04:00:00.000Z,0