Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (February 2024)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...

Microsoft Azure DevOps Server Security Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. The following produc...

Microsoft Azure DevOps Server Security Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. An attacker exploiti...

Unspecified vulnerability in JetBrains TeamCity (CNVD-2019-40596)

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A security vulnerability exists in JetBrains...

JetBrains Rider Code Issue Vulnerability

JetBrains Rider is a cross-platform .NET integrated development environment IDE from the Czech company JetBrains. A code issue vulnerability exists in JetBrains Rider versions prior to 2019.1.2. The vulnerability stems from an improperly designed or implemented code development process for a...

JetBrains TeamCity Information Disclosure Vulnerability (CNVD-2019-39175)

TeamCity is a Java-based build management and continuous integration server from JetBrains. An information disclosure vulnerability exists in JetBrains TeamCity versions prior to 2019.1.2. An attacker can exploit the vulnerability to access the build history of deleted build configurations under...

JetBrains TeamCity Information Disclosure Vulnerability (CNVD-2019-39172)

TeamCity is a Java-based build management and continuous integration server from JetBrains. An information disclosure vulnerability exists in JetBrains TeamCity versions prior to 2019.1.2. An attacker can exploit the vulnerability to "view build runtime parameters and data"...

CVE-2019-18367

In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions...

CVE-2019-18363

In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances...

CVE-2019-14960

JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file...

Privilege escalation

UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an arbitra...