Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2018-1037

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

Published: Apr 12, 2018
Updated: Nov 9, 2025
CVE: CVE-2018-1037
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-908

Affected Software
References

Software	From	Fixed in
microsoft / visual_studio	2010-sp1	2010-sp1.x
microsoft / visual_studio	2017	2017.x
microsoft / visual_studio	2015-update3	2015-update3.x
microsoft / visual_studio	2013-update5	2013-update5.x
microsoft / visual_studio	2012-update5	2012-update5.x
microsoft / visual_studio_2017	15.6.6	15.6.6.x
microsoft / visual_studio_2017	15.7	15.7.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo