Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
team foundation server vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-0871
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-20...
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Azure Devops Server 2019
1 Article
5.4
CVSSv3
CVE-2020-0700
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2018
Microsoft Azure Devops Server 2019.0.1
3 Articles
6.5
CVSSv3
CVE-2021-27067
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2015
Microsoft Azure Devops Server 2019
Microsoft Azure Devops Server 2019.0.1
Microsoft Azure Devops Server 2020
5.4
CVSSv3
CVE-2020-17145
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
Microsoft Team Foundation Server 2018
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2015
Microsoft Azure Devops Server 2019
Microsoft Azure Devops Server 2019.0.1
Microsoft Azure Devops Server 2020
7.5
CVSSv3
CVE-2020-0758
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0...
Microsoft Team Foundation Server 2017
Microsoft Team Foundation Server 2018
Microsoft Azure Devops Server 2019
Microsoft Azure Devops Server 2019.0.1
3 Articles
6.5
CVSSv3
CVE-2021-21637
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials ...
Jenkins Team Foundation Server
8.8
CVSSv3
CVE-2021-21638
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials ...
Jenkins Team Foundation Server
3.3
CVSSv3
CVE-2020-2249
Jenkins Team Foundation Server Plugin 5.157.1 and previous versions stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
Jenkins Team Foundation Server
4.3
CVSSv3
CVE-2021-21636
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and previous versions allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
Jenkins Team Foundation Server
5.4
CVSSv3
CVE-2019-0646
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.
Microsoft Team Foundation Server 2018
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »