Lucene search
K

1382 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2020/04/02 10:50 a.m.36 views

Cloud-First but Not Cloud-Only: Why Organizations Need to Simplify Cybersecurity

The global public cloud services market is on track to grow 17% this year, topping $266 billion. These are impressive figures, and whatever Covid-19 may do short-term to the macro-economy, they’re a sign of where the world is heading. But while many organizations may describe themselves as...

7.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2020/03/27 11:30 a.m.35 views

Akamai Delivers Fast Deployment and Edge Computing for Developers With March 2020 Release

With each iteration, Akamai moves nearer to our goal of enabling elite performance by the development teams that depend on Akamai for delivering reliable and highly performant experiences to their customers. The March 2020 release empowers teams to develop at the Akamai edge with even greater...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/03/20 12:0 a.m.3 views

The vulnerability of the Azure DevOps Server software lies in the lack of measures for cleaning input data, allowing attackers to execute cross-site scripting attacks.

The vulnerability of Azure DevOps Server software relates to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

5.4CVSS5.6AI score0.01328EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/20 12:0 a.m.4 views

The vulnerability of Azure DevOps Server’s software development tools, related to insufficient access control, allows attackers to escalate their privileges.

The vulnerability of Azure DevOps Server relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

8.5CVSS7.1AI score0.01837EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/03/20 12:0 a.m.5 views

The vulnerabilities of Azure DevOps Server and Team Foundation Server software allow attackers to enhance their privileges.

The vulnerabilities of Azure DevOps Server and Team Foundation Server software allow attackers to exploit object processing errors. Exploiting these vulnerabilities can enable remote attackers to gain increased privileges...

8.5CVSS7.3AI score0.02015EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2020/03/19 2:1 p.m.47 views

Cloud Misconfig Mistakes Show Need For DevSecOps

Developers have become accustomed to deploying apps in data centers with what could be described as a “crunchy hard outer layer,” to keep their data center secure. But when it comes to the public cloud, “it just doesn’t exist that way,” said Ryan Olson, vice president of threat intelligence with...

7.4AI score
Exploits0References8
The Coalfire Blog
The Coalfire Blog
added 2020/03/13 12:50 a.m.12 views

What can Application Security Testing add to DevOps programs?

The adoption of DevOps practices by organizations to shorten the standard development lifecycle has put new pressure on security teams to keep up with the pace of development within CI/CD pipelines. In order to accomplish this, security teams need to provide better security insights to developers...

1.1AI score
Exploits0
NVD
NVD
added 2020/03/12 4:15 p.m.31 views

CVE-2020-0815

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...

7.5CVSS7.6AI score0.01837EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.4 views

CVE-2020-0815

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...

7.5CVSS5.8AI score0.01837EPSS
Exploits0References1
NVD
NVD
added 2020/03/12 4:15 p.m.33 views

CVE-2020-0700

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

5.4CVSS5.5AI score0.01328EPSS
Exploits0References1
NVD
NVD
added 2020/03/12 4:15 p.m.39 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.5CVSS7.6AI score0.02015EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.3 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.5CVSS7.1AI score0.02015EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.3 views

CVE-2020-0700

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

5.4CVSS5.8AI score0.01328EPSS
Exploits0References1
Prion
Prion
added 2020/03/12 4:15 p.m.23 views

Privilege escalation

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...

6CVSS7.6AI score0.02015EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/03/12 4:15 p.m.27 views

Cross site scripting

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

3.5CVSS5.3AI score0.01328EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2020/03/12 4:15 p.m.26 views

Privilege escalation

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

6CVSS7.6AI score0.02015EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/03/12 3:48 p.m.39 views

CVE-2020-0815

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...

7.6AI score0.01837EPSS
Exploits0References1
CVE
CVE
added 2020/03/12 3:48 p.m.90 views

CVE-2020-0815

Technical details about CVE-2020-0815 are not provided in the connected documents. The initial entry describes an elevation of privilege related to Azure DevOps pipeline tokens but lacks vulnerable component/version specifics. Monitor for updates.

7.5CVSS7.5AI score0.01837EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/03/12 3:48 p.m.95 views

CVE-2020-0758

CVE-2020-0758 describes an elevation of privilege in Azure DevOps Server and Team Foundation Services caused by improper handling of pipeline job tokens. The vulnerability enables an attacker to gain higher privileges via the token mechanism, with network-based access (CVSSv3.1: 7.5, HIGH; ATT&CK...

7.5CVSS7.5AI score0.02015EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/03/12 3:48 p.m.36 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.6AI score0.02015EPSS
Exploits0References1
Rows per page
Query Builder