Microsoft Team_foundation_server
23 CVEs affecting Microsoft Team_foundation_server. Latest disclosed: 2021-04-13. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-1306 | Critical | 9.8 | 2019-09-11 | A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps… |
CVE-2019-1072 | Critical | 9.8 | 2019-07-15 | A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a… |
CVE-2018-8529 | Critical | 9.8 | 2018-11-15 | A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Sea… |
CVE-2020-0758 | High | 7.5 | 2020-03-12 | An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S… |
CVE-2021-27067 | Medium | 6.5 | 2021-04-13 | Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability |
CVE-2019-0971 | Medium | 6.5 | 2019-05-16 | An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authe… |
CVE-2019-0647 | Medium | 6.5 | 2019-01-17 | An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Inf… |
CVE-2019-0871 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0870 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0868 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0867 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0866 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2020-17145 | Medium | 5.4 | 2020-12-10 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability |
CVE-2020-0700 | Medium | 5.4 | 2020-03-12 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site… |
CVE-2019-1305 | Medium | 5.4 | 2019-09-11 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross… |
CVE-2019-1076 | Medium | 5.4 | 2019-07-15 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross… |
CVE-2019-0979 | Medium | 5.4 | 2019-05-16 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0872 | Medium | 5.4 | 2019-05-16 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0777 | Medium | 5.4 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross… |
CVE-2019-0743 | Medium | 5.4 | 2019-03-05 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross… |