Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:40 a.m.10 views

CVE-2019-0971

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...

9CVSS6.3AI score0.08464EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/15 12:0 a.m.75 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (February 2024)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...

7.5CVSS8.6AI score0.01359EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/10 12:0 a.m.31 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (October 2023)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead relied only on...

7.3CVSS7.7AI score0.00847EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/14 12:0 a.m.32 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (September 2023)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple server remote code execution vulnerabilities. An authenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. Note that Ness...

8.8CVSS9.1AI score0.01742EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.23 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (June 2023)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple server spoofing vulnerabilities. An attacker who successfully exploited the vulnerability could access data that is available for the current user. Depending on the...

7.1CVSS6.7AI score0.00933EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/04/16 12:0 a.m.119 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (April 2021)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple vulnerabilities. An attacker can exploit these to either perform actions with the privileges of another user or disclose sensitive information. Note all systems require...

6.5CVSS6.8AI score0.02645EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2020/12/08 12:0 a.m.42 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (December 2020)

The Microsoft Team Foundation Server or Azure DevOps install is missing security updates. It is, therefore, affected by multiple spoofing vulnerabilities. An attacker can exploit these to perform actions with the privileges of another user. Note that Nessus has not tested for these issues but has...

6.4CVSS6AI score0.01512EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.6 views

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation resulting in a stored cross-site scripting vulnerability.

...

5.4CVSS7AI score0.00853EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/06/29 2:37 p.m.4 views

jenkins-git-plugin: stored cross-site scripting

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00853EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/06/17 10:38 p.m.3 views

jenkins-git-plugin: stored cross-site scripting

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability...

5.4CVSS5.6AI score0.00853EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/07/12 12:0 a.m.134 views

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (July 2019)

The Microsoft Team Foundation or Azure DevOps Server is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A Cross-site Scripting XSS vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could...

9.8CVSS7.5AI score0.12442EPSS
Exploits0References2
Symantec
Symantec
added 2019/07/09 12:0 a.m.70 views

Microsoft Team Foundation Server CVE-2019-1076 Cross Site Scripting Vulnerability

Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

6.4AI score0.01627EPSS
Exploits0Affected Software2
Prion
Prion
added 2019/05/16 7:29 p.m.23 views

Information disclosure

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...

9CVSS6.1AI score0.08464EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/05/16 6:24 p.m.27 views

CVE-2019-0971

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...

6.2AI score0.08464EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/15 12:0 a.m.19 views

Security Updates for Microsoft Team Foundation Server / Azure DevOps Server (May 2019)

The Microsoft Team Foundation Server or Azure DevOps Server is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially...

9CVSS6.3AI score0.08464EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.31 views

Security Updates for Microsoft Team Foundation Server / Azure DevOps Server (April 2019)

The Microsoft Team Foundation Server or Azure DevOps Server installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project...

7.5CVSS6.5AI score0.03858EPSS
Exploits0References15
Symantec
Symantec
added 2019/04/09 12:0 a.m.22 views

Microsoft Team Foundation Server CVE-2019-0867 Cross Site Scripting Vulnerability

Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

6.4AI score0.02387EPSS
Exploits0Affected Software2
Symantec
Symantec
added 2019/03/12 12:0 a.m.36 views

Microsoft Team Foundation Server CVE-2019-0777 Cross Site Scripting Vulnerability

Description Microsoft Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

6.1AI score0.01697EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/12 12:0 a.m.33 views

Security Updates for Microsoft Team Foundation Server (March 2019)

The Microsoft Team Foundation Server installation on the remote host is missing a security update. It is, therefore, affected by a cross- site scripting XSS vulnerability that exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploi...

5.4CVSS5.9AI score0.01697EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/02/14 12:0 a.m.41 views

Security Updates for Microsoft Team Foundation Server (February 2019)

The Microsoft Team Foundation Server installation on the remote host is missing security updates. It is, therefore, affected by multiple cross-site scripting vulnerabilities. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation...

5.4CVSS6AI score0.01773EPSS
Exploits0References4
Rows per page
Query Builder