Lucene search
K

1393 matches found

NVD
NVD
added 2020/03/12 4:15 p.m.33 views

CVE-2020-0700

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

5.4CVSS5.5AI score0.01328EPSS
Exploits0References1
NVD
NVD
added 2020/03/12 4:15 p.m.39 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.5CVSS7.6AI score0.02015EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.3 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.5CVSS7.1AI score0.02015EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.3 views

CVE-2020-0700

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

5.4CVSS5.8AI score0.01328EPSS
Exploits0References1
Prion
Prion
added 2020/03/12 4:15 p.m.23 views

Privilege escalation

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...

6CVSS7.6AI score0.02015EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/03/12 4:15 p.m.27 views

Cross site scripting

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

3.5CVSS5.3AI score0.01328EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2020/03/12 4:15 p.m.26 views

Privilege escalation

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

6CVSS7.6AI score0.02015EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/03/12 3:48 p.m.39 views

CVE-2020-0815

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...

7.6AI score0.01837EPSS
Exploits0References1
CVE
CVE
added 2020/03/12 3:48 p.m.90 views

CVE-2020-0815

Technical details about CVE-2020-0815 are not provided in the connected documents. The initial entry describes an elevation of privilege related to Azure DevOps pipeline tokens but lacks vulnerable component/version specifics. Monitor for updates.

7.5CVSS7.5AI score0.01837EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/03/12 3:48 p.m.95 views

CVE-2020-0758

CVE-2020-0758 describes an elevation of privilege in Azure DevOps Server and Team Foundation Services caused by improper handling of pipeline job tokens. The vulnerability enables an attacker to gain higher privileges via the token mechanism, with network-based access (CVSSv3.1: 7.5, HIGH; ATT&CK...

7.5CVSS7.5AI score0.02015EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/03/12 3:48 p.m.36 views

CVE-2020-0758

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...

7.6AI score0.02015EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/03/12 3:48 p.m.34 views

CVE-2020-0700

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

5.7AI score0.01328EPSS
Exploits0References1
CVE
CVE
added 2020/03/12 3:48 p.m.93 views

CVE-2020-0700

CVE-2020-0700 is a Cross-site Scripting (XSS) vulnerability in Azure DevOps Server where user input is not properly sanitized. The underlying issue is improper sanitization of inputs, allowing an authenticated attacker to send a crafted payload that executes in the context of the current user whe...

5.4CVSS5.6AI score0.01328EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2020/03/12 12:0 a.m.2 views

Microsoft Azure DevOps Server and Microsoft Team Foundation Server Elevation of Privilege Vulnerability (CNVD-2020-28437)

Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools Microsoft Team Foundation Server is an application lifecycle management ALM suite of tool...

7.5CVSS7.2AI score0.01837EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/12 12:0 a.m.2 views

Microsoft Azure DevOps Server and Microsoft Team Foundation Server Elevation of Privilege Vulnerability

Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools Microsoft Team Foundation Server is an application lifecycle management ALM suite of tool...

7.5CVSS6.9AI score0.02015EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/11 12:0 a.m.3 views

Microsoft Azure DevOps Server Cross-Site Scripting Vulnerability (CNVD-2020-19008)

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Azure DevOps Server that stems from the...

5.4CVSS6.1AI score0.01328EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/03/10 11:35 p.m.43 views

Smart Check Validated for New Bottlerocket OS

Containers provide a list of benefits to organizations that use them. They’re light, flexible, add consistency across the environment and operate in isolation. However, security concerns prevent some organizations from employing containers. This is despite containers having an extra layer of...

Exploits0
ThreatPost
ThreatPost
added 2020/03/10 9:19 p.m.118 views

Microsoft Patches 26 Critical Bugs in Big March Update

Microsoft tackled 115 bug fixes as part of its March Patch Tuesday update – 26 rated critical and 88 rated medium severity. The bugs patched span its product catalog, from Azure DevOps to Windows 10. This month’s haul is notable in its quantity and that there are only a few stand-out bugs causing...

9.3CVSS0.26869EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2020/03/10 7:0 a.m.41 views

Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have...

7.5CVSS2.2AI score0.02015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/03/10 7:0 a.m.39 views

Azure DevOps Server Cross-site Scripting Vulnerability

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the us...

5.4CVSS2AI score0.01328EPSS
Exploits0
Rows per page
Query Builder