Lucene search
K

1378 matches found

BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.6 views

The vulnerability of the Azure DevOps Server software development tools’ setup exists due to the lack of measures taken to neutralize specific elements. This vulnerability allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Azure DevOps Server software development tools exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of protected information through a specially...

6.1CVSS6.6AI score0.01955EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerability in the setup of Azure DevOps Server and Team Foundation Server, a system for project management and version control, exists due to the lack of protective measures for the website structure. This allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Azure DevOps Server and Team Foundation Server project management and version control systems exists due to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integri...

6.1CVSS6.6AI score0.02626EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerability in the setup of Azure DevOps Server and Team Foundation Server, a system for project management and version control, exists due to the lack of protective measures for the website structure. This allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Azure DevOps Server and Team Foundation Server project management and version control systems exists due to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integri...

6.1CVSS6.6AI score0.02387EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerability of the Azure DevOps Server software development tools’ setup arises from insufficient validation of input data. This allows attackers to compromise the integrity of the protected information.

The vulnerability of the Azure DevOps Server software development tools exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of protected information by sending specially crafted payloads ...

6.5CVSS6.7AI score0.03858EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerabilities of Azure DevOps Server and Team Foundation Server allow attackers to perform cross-site scripting attacks.

The vulnerability of Azure DevOps Server and Team Foundation Server lies in the lack of measures for input sanitization. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...

6.1CVSS6.3AI score0.02419EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.3 views

The vulnerability of the Azure DevOps Server software lies in the lack of measures for cleaning input data, allowing attackers to execute cross-site scripting attacks.

The vulnerability of Azure DevOps Server lies in the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.1CVSS6.3AI score0.01983EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerability of the Azure DevOps Server software lies in the insufficient verification of access rights to projects, which allows a malicious individual to increase their privileges.

The vulnerability of the Azure DevOps Server development tool is related to insufficient verification of access rights to projects. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

7.5CVSS7.1AI score0.03023EPSS
Exploits0References2Affected Software1
Qualys Blog
Qualys Blog
added 2019/04/10 7:8 p.m.55 views

Ancestry: On the Vanguard of DevOps Security

Grant Johnson, Ancestry's Director, Risk & Compliance This is a guest post by Grant Johnson, Director, Risk & Compliance at Ancestry Over the past two years, Ancestry moved its entire applications and data infrastructure from local data centers to Amazon’s cloud, and this required a new approach...

7.1AI score
Exploits0
CNVD
CNVD
added 2019/04/10 12:0 a.m.3 views

Azure DevOps Server Elevation of Privilege Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. An elevation of privilege vulnerability exists in Microsoft Azure DevOps Server 2019,...

7.5CVSS6.9AI score0.03023EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Azure DevOps Server Cross-Site Scripting Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Microsoft Azure DevOps Server 2019, whi...

6.1CVSS6.3AI score0.01983EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability

Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...

6.1CVSS6.2AI score0.02626EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09617)

Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...

6.1CVSS6.2AI score0.02419EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09616)

Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...

6.1CVSS6.2AI score0.02419EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09615)

Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...

6.1CVSS6.2AI score0.02419EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/10 12:0 a.m.2 views

Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09614)

Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...

6.1CVSS6.2AI score0.02387EPSS
Exploits0References1
NVD
NVD
added 2019/04/09 9:29 p.m.26 views

CVE-2019-0874

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...

6.1CVSS5.9AI score0.01983EPSS
Exploits0References2
NVD
NVD
added 2019/04/09 9:29 p.m.30 views

CVE-2019-0875

An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'...

7.5CVSS7.6AI score0.03023EPSS
Exploits0References1
OSV
OSV
added 2019/04/09 9:29 p.m.3 views

CVE-2019-0875

An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'...

7.5CVSS7.1AI score0.03023EPSS
Exploits0References1
NVD
NVD
added 2019/04/09 9:29 p.m.34 views

CVE-2019-0857

A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'...

6.5CVSS6.4AI score0.03858EPSS
Exploits0References2
OSV
OSV
added 2019/04/09 9:29 p.m.2 views

CVE-2019-0866

A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0867, CVE-2019-0868,...

6.1CVSS5.8AI score0.02626EPSS
Exploits0References2
Rows per page
Query Builder