Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
team foundation server vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-0871
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-20...
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Azure Devops Server 2019
1 Article
5.4
CVSSv3
CVE-2020-0700
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Azure Devops Server 2019.0.1
3 Articles
5.4
CVSSv3
CVE-2020-17145
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2015
Microsoft Azure Devops Server 2019
Microsoft Azure Devops Server 2019.0.1
Microsoft Azure Devops Server 2020
6.5
CVSSv3
CVE-2021-27067
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2015
Microsoft Azure Devops Server 2019
Microsoft Azure Devops Server 2019.0.1
Microsoft Azure Devops Server 2020
7.5
CVSSv3
CVE-2020-0758
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0...
Microsoft Azure Devops Server 2019.0.1
Microsoft Azure Devops Server 2019
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2018
3 Articles
3.3
CVSSv3
CVE-2020-2249
Jenkins Team Foundation Server Plugin 5.157.1 and previous versions stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
Jenkins Team Foundation Server
4.3
CVSSv3
CVE-2021-21636
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and previous versions allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
Jenkins Team Foundation Server
8.8
CVSSv3
CVE-2021-21638
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials ...
Jenkins Team Foundation Server
6.5
CVSSv3
CVE-2021-21637
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials ...
Jenkins Team Foundation Server
9.8
CVSSv3
CVE-2018-8529
A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.
Microsoft Team Foundation Server 2018
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »