Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-33053
HIGH CVSS 8.8 KEV
Find Similar
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
CVE-2024-43488
CRITICAL CVSS 9.8
Find Similar
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
Page 1+ Next →