Microsoft Team_foundation_server

23 CVEs affecting Microsoft Team_foundation_server. Latest disclosed: 2021-04-13. Critical: 3, High: 1.

Top CVEs affecting Microsoft Team_foundation_server
CVESeverityScorePublishedSummary
CVE-2019-1306Critical9.82019-09-11A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps…
CVE-2019-1072Critical9.82019-07-15A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a…
CVE-2018-8529Critical9.82018-11-15A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Sea…
CVE-2020-0758High7.52020-03-12An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S…
CVE-2021-27067Medium6.52021-04-13Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
CVE-2019-0971Medium6.52019-05-16An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authe…
CVE-2019-0647Medium6.52019-01-17An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Inf…
CVE-2019-0871Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0870Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0868Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0867Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0866Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2020-17145Medium5.42020-12-10Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2020-0700Medium5.42020-03-12A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site…
CVE-2019-1305Medium5.42019-09-11A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-1076Medium5.42019-07-15A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-0979Medium5.42019-05-16A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0872Medium5.42019-05-16A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0777Medium5.42019-04-09A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-0743Medium5.42019-03-05A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…