522 matches found
CVE-2023-21565 Azure DevOps Server Spoofing Vulnerability
...
Azure DevOps Server Spoofing Vulnerability
...
Azure DevOps Server Spoofing Vulnerability
...
PT-2023-3135 · Microsoft · Azure Devops Server
Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It may allow a remote attacker to conduct spoofing attacks. Recommendations: At the...
Microsoft Azure DevOps Server 安全漏洞
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. The following produc...
Microsoft Azure DevOps Server 安全漏洞
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. The following produc...
PT-2023-3136 · Microsoft · Azure Devops Server
Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Remote code execution...
Malicious code in eu.tsystems.mms.tic.testerra.plugins.azuredevops.tests (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3ba3635b5a021d627f0f232cf46f53846cc953c75659700eae5ee919ebfca455 The OpenSSF Package Analysis project identified 'eu.tsystems.mms.tic.testerra.plugins.azuredevops.tests' @ 1.0.0 npm as malicious. It is...
CVE-2023-25722
A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...
Code injection
A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...
CVE-2023-25722
Summary of concrete details (CVE-2023-25722) Multiple connected sources document a credential-leak vulnerability in Veracode integrations. The affected components include: Veracode Scan Jenkins Plugin prior to 23.3.19.0 when configured for remote agent jobs (and when using proxy with credentials)...
PT-2023-20274 · Veracode · Veracode Azure Devops Extension +2
Name of the Vulnerable Software and Affected Versions: Veracode Scan Jenkins Plugin versions prior to 23.3.19.0 Veracode Azure DevOps Extension versions prior to 3.20.0 Description: A credential-leak issue was discovered in related Veracode products. The Veracode Scan Jenkins Plugin, when...
CVE-2023-25722
A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...
The vulnerability of Azure DevOps Server lies in insufficient input validation, which allows attackers to execute arbitrary code.
The vulnerability of Azure DevOps Server is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created file...
Microsoft Team Foundation Server and Azure DevOps Server 2020 RCE
The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by a remote code execution vulnerability. Note all systems require a manual process of applying new resource group tasks. Nessus is unable to detect the state of the tasks at this...
The vulnerability of the Azure DevOps Server software, related to improper code generation management, allows a attacker to execute arbitrary code.
The vulnerability of Azure DevOps Server lies in improper code generation management. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
CVE-2023-21553
Azure DevOps Server Remote Code Execution Vulnerability...
CVE-2023-21553
Azure DevOps Server Remote Code Execution Vulnerability...
CVE-2023-21553
Azure DevOps Server Remote Code Execution Vulnerability...