漏洞描述
Visual Studio用于诊断目的服务程序VSStandardCollectorService150,存在任意文件 DACL重置漏洞,可以利用该漏洞,实现本地权限提升。
Visual Studio特权提升漏洞(CVE-2024-20656)
PoC代码
暂无相关漏洞推荐
- POC vscode-settings: Visual Studio Code Settings - Credential Exposure
- POC vscode-mcp-json: Visual Studio Code MCP Configuration ("mcp.json") Exposure
- POC vscode-slnx-sqlite-disclosure: Visual Studio Code - Slnx.SQLite File Disclosure
- Cherry Studio 未授权 代码注入漏洞
- Sim Studio AI 服务端请求伪造漏洞(CVE-2025-9805)
- IBM Watson Studio on Cloud Pak for Data 跨站脚本漏洞
- Cherry Studio 命令注入漏洞
- POC CVE-2019-16931: WordPress Visualizer <3.3.1 - Cross-Site Scripting
- POC CVE-2019-16932: Visualizer <3.3.1 - Blind Server-Side Request Forgery
- POC CVE-2019-8982: Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery
- POC CVE-2021-24934: Visual CSS Style Editor < 7.5.4 - Cross-Site Scripting
- POC CVE-2021-42071: Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection
- POC CVE-2021-43421: Studio-42 elFinder <2.1.60 - Arbitrary File Upload