Microsoft Azure Devops Server

24 CVEs affecting Microsoft Azure Devops Server. Latest disclosed: 2024-02-13. Critical: 2, High: 5.

Top CVEs affecting Microsoft Azure Devops Server
CVESeverityScorePublishedSummary
CVE-2019-1306Critical9.82019-09-11A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps…
CVE-2019-1072Critical9.82019-07-15A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a…
CVE-2023-33136High8.82023-09-12Azure DevOps Server Remote Code Execution Vulnerability
CVE-2024-20667High7.52024-02-13Azure DevOps Server Remote Code Execution Vulnerability
CVE-2020-0758High7.52020-03-12An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S…
CVE-2019-0875High7.52019-04-09An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation…
CVE-2023-38155High7.02023-09-12Azure DevOps Server Remote Code Execution Vulnerability
CVE-2019-0971Medium6.52019-05-16An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authe…
CVE-2019-0857Medium6.52019-04-09A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azu…
CVE-2023-36869Medium6.32023-08-08Azure DevOps Server Spoofing Vulnerability
CVE-2020-1327Medium6.12020-06-09A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnera…
CVE-2019-0874Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site…
CVE-2019-0871Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0870Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0869Medium6.12019-04-09A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnera…
CVE-2019-0868Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0867Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0866Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2020-1326Medium5.42020-07-14A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site…
CVE-2020-0700Medium5.42020-03-12A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site…