Lucene search
K

1382 matches found

Prion
Prion
added 2019/05/16 7:29 p.m.23 views

Information disclosure

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...

9CVSS6.1AI score0.08464EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2019/05/16 7:29 p.m.16 views

Cross site scripting

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979...

3.5CVSS5.3AI score0.01697EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/05/16 6:24 p.m.27 views

CVE-2019-0971

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...

6.2AI score0.08464EPSS
Exploits0References1
CVE
CVE
added 2019/05/16 6:24 p.m.76 views

CVE-2019-0979

Technical details (affected products, versions, root cause, exploitability) are not publicly provided in the connected documents; monitor for updates.

5.4CVSS5.3AI score0.01697EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2019/05/16 6:24 p.m.84 views

CVE-2019-0971

CVE-2019-0971 affects Azure DevOps Server and Team Foundation Server. It is an information disclosure vulnerability caused by improper sanitization of a specially crafted authentication request, allowing an authenticated attacker to perform server-side requests and access sensitive information. T...

9CVSS6.2AI score0.08464EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/05/16 6:24 p.m.33 views

CVE-2019-0979

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872...

5.4AI score0.01697EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/05/16 6:17 p.m.24 views

CVE-2019-0872

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979...

5.4AI score0.01697EPSS
Exploits0References1
CVE
CVE
added 2019/05/16 6:17 p.m.78 views

CVE-2019-0872

CVE-2019-0872 is an XSS vulnerability in Microsoft’s Azure DevOps Server and Team Foundation Server caused by improper sanitization/validation of client-side input in the WEB application. The linked Red Hat entry confirms the root cause as a lack of proper input validation leading to cross-site s...

5.4CVSS5.3AI score0.01697EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2019/05/15 12:0 a.m.2 views

Microsoft Team Foundation Server and Microsoft Azure DevOps Server Information Disclosure Vulnerability

Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools Microsoft Team Foundation Server is an application lifecycle management ALM suite of tool...

9CVSS6.9AI score0.08464EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/15 12:0 a.m.2 views

Microsoft Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability

Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools that provide a platform for team collaboration. Microsoft Team Foundation Server is an...

5.4CVSS6.2AI score0.01697EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/15 12:0 a.m.19 views

Security Updates for Microsoft Team Foundation Server / Azure DevOps Server (May 2019)

The Microsoft Team Foundation Server or Azure DevOps Server is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially...

9CVSS6.3AI score0.08464EPSS
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2019/05/14 7:0 a.m.30 views

Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server,...

5.4CVSS1.7AI score0.01697EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/05/14 7:0 a.m.26 views

Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server. An attacker who successfully exploited this vulnerability could execute malicious code on a...

9CVSS2.5AI score0.08464EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/05/14 7:0 a.m.44 views

Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server,...

5.4CVSS1.7AI score0.01697EPSS
Exploits0
Symantec
Symantec
added 2019/05/14 12:0 a.m.51 views

Microsoft Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability

Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Azure DevOps Server 2019 Microsoft...

7AI score
Exploits0Affected Software2
Symantec
Symantec
added 2019/05/14 12:0 a.m.49 views

Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability

Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.3AI score
Exploits0Affected Software2
Symantec
Symantec
added 2019/05/14 12:0 a.m.41 views

Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability

Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7.3AI score
Exploits0Affected Software2
Kaspersky
Kaspersky
added 2019/05/14 12:0 a.m.71 views

KLA11485 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, gain privileges, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A deni...

9CVSS8.8AI score0.08464EPSS
Exploits0References41
HackRead
HackRead
added 2019/05/09 11:32 a.m.87 views

The Pitfalls of Keeping Your Ports Wide Open

By David Balaban Based on security assessment results, penetration testers often recommend hiding an enterprise network’s ports behind a whitelist. However, corporate IT teams don’t always understand the need for such a countermeasure. Even some admins and DevOps specialists with tons of experien...

1.5AI score
Exploits0
Wallarm Lab
Wallarm Lab
added 2019/04/30 8:29 p.m.66 views

Is your org structure threatening your IT security infrastructure?

5 Tips to Solve API Security Issues in Any IT Security Infrastructure Start listening. Integrating isn’t enough if your teams aren’t talking. In a hyper-competitive environment, keeping up with customer usability demands often means adopting a hyper-agile development process. It’s a dangerous...

7.5AI score
Exploits0
Rows per page
Query Builder