Microsoft Azure_devops_server

40 CVEs affecting Microsoft Azure_devops_server. Latest disclosed: 2026-02-10. Critical: 2, High: 12.

Top CVEs affecting Microsoft Azure_devops_server
CVESeverityScorePublishedSummary
CVE-2019-1306Critical9.82019-09-11A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps…
CVE-2019-1072Critical9.82019-07-15A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a…
CVE-2023-33136High8.82023-09-12Azure DevOps Server Remote Code Execution Vulnerability
CVE-2024-35267High7.62024-07-09Azure DevOps Server Spoofing Vulnerability
CVE-2024-35266High7.62024-07-09Azure DevOps Server Spoofing Vulnerability
CVE-2024-20667High7.52024-02-13Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-21553High7.52023-02-14Azure DevOps Server Remote Code Execution Vulnerability
CVE-2020-0815High7.52020-03-12An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S…
CVE-2020-0758High7.52020-03-12An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S…
CVE-2019-0875High7.52019-04-09An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation…
CVE-2023-36561High7.32023-10-10Azure DevOps Server Elevation of Privilege Vulnerability
CVE-2023-21565High7.12023-06-14Azure DevOps Server Spoofing Vulnerability
CVE-2023-21564High7.12023-02-14Azure DevOps Server Cross-Site Scripting Vulnerability
CVE-2023-38155High7.02023-09-12Azure DevOps Server Remote Code Execution Vulnerability
CVE-2026-21512Medium6.52026-02-10Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.
CVE-2023-21751Medium6.52023-12-14Azure DevOps Server Spoofing Vulnerability
CVE-2021-27067Medium6.52021-04-13Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
CVE-2019-0996Medium6.52019-06-12A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery…
CVE-2019-0971Medium6.52019-05-16An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authe…
CVE-2019-0857Medium6.52019-04-09A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azu…