Microsoft

Azure Devops Server

43 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-0996

  • EPSS 8.13%
  • Veröffentlicht 12.06.2019 14:29:02
  • Zuletzt bearbeitet 20.05.2025 18:15:34

A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery. An attacker who successfully exploited this vulnerability could bypass OAuth protections ...

5.4

CVE-2019-0979

  • EPSS 0.46%
  • Veröffentlicht 16.05.2019 19:29:04
  • Zuletzt bearbeitet 21.11.2024 04:17:36

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID i...

9

CVE-2019-0971

  • EPSS 10.1%
  • Veröffentlicht 16.05.2019 19:29:04
  • Zuletzt bearbeitet 21.11.2024 04:17:35

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Serve...

5.4

CVE-2019-0872

  • EPSS 0.46%
  • Veröffentlicht 16.05.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:17:25

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID i...

7.5

CVE-2019-0875

  • EPSS 3.44%
  • Veröffentlicht 09.04.2019 21:29:03
  • Zuletzt bearbeitet 21.11.2024 04:17:25

An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'.

6.1

CVE-2019-0874

  • EPSS 0.45%
  • Veröffentlicht 09.04.2019 21:29:03
  • Zuletzt bearbeitet 21.11.2024 04:17:25

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.

6.5

CVE-2019-0857

  • EPSS 16.38%
  • Veröffentlicht 09.04.2019 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:17:23

A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.

6.1

CVE-2019-0871

  • EPSS 0.48%
  • Veröffentlicht 09.04.2019 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:17:25

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID i...

6.1

CVE-2019-0870

  • EPSS 0.48%
  • Veröffentlicht 09.04.2019 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:17:25

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID i...

6.1

CVE-2019-0869

  • EPSS 0.49%
  • Veröffentlicht 09.04.2019 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:17:25

A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.