1320 matches found
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server,...
Microsoft Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Azure DevOps Server 2019 Microsoft...
Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
KLA11485 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, gain privileges, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A deni...
Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
The Pitfalls of Keeping Your Ports Wide Open
By David Balaban Based on security assessment results, penetration testers often recommend hiding an enterprise network’s ports behind a whitelist. However, corporate IT teams don’t always understand the need for such a countermeasure. Even some admins and DevOps specialists with tons of experien...
Is your org structure threatening your IT security infrastructure?
5 Tips to Solve API Security Issues in Any IT Security Infrastructure Start listening. Integrating isn’t enough if your teams aren’t talking. In a hyper-competitive environment, keeping up with customer usability demands often means adopting a hyper-agile development process. It’s a dangerous...
The Next Enterprise Challenge: How Best to Secure Containers and Monolithic Apps Together, Company-wide
Submitted by: Adam Boyle, Head of Product Management, Hybrid Cloud Security, Trend Micro When it comes to software container security, it’s important for enterprises to look at the big picture, taking into account how they see containers affecting their larger security requirements and future...
Call For Customer Presentations at Black Hat USA 2019!
Tell your security story to your peers at Black Hat USA 2019! Qualys is looking for customers excited to share your security story, for example: How you integrate security into DevOps Best practices for building security into modern enterprises Case studies leveraging the use of the Qualys Cloud...
Ancestry: On the Vanguard of DevOps Security
Grant Johnson, Ancestry's Director, Risk & Compliance This is a guest post by Grant Johnson, Director, Risk & Compliance at Ancestry Over the past two years, Ancestry moved its entire applications and data infrastructure from local data centers to Amazon’s cloud, and this required a new approach...
Azure DevOps Server Cross-Site Scripting Vulnerability
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Microsoft Azure DevOps Server 2019, whi...
Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability
Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...
Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09616)
Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...
Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09614)
Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...
Azure DevOps Server Elevation of Privilege Vulnerability
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. An elevation of privilege vulnerability exists in Microsoft Azure DevOps Server 2019,...
Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09615)
Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...
Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-09617)
Azure DevOps Server, formerly known as Team Foundation Server TFS, is a locally hosted set of collaborative software development tools.Azure DevOps Server integrates with existing IDEs or editors to enable cross-functional teams to effectively handle projects of all sizes.Team Foundation Server i...
CVE-2019-0875
An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'...
CVE-2019-0874
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
CVE-2019-0875
An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'...