Team Foundation Server

CVEs (16)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2019-1306	Microsoft Visual Studio Team Foundation Server	0.02	—	0.26	Sep 11, 2019	A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.
CVE-2019-1072	Microsoft Visual Studio Team Foundation Server	0.02	—	0.24	Jul 15, 2019	A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
CVE-2018-8529	Microsoft Teams	0.02	—	0.30	Nov 15, 2018	A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.
CVE-2019-0647	Microsoft Teams	0.01	—	0.14	Jan 17, 2019	An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team.
CVE-2019-1305	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Sep 11, 2019	A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
CVE-2019-1076	Microsoft Visual Studio Team Foundation Server	0.00	—	0.00	Jul 15, 2019	A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
CVE-2019-0979	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	May 16, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872.
CVE-2019-0872	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	May 16, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979.
CVE-2019-0871	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Apr 9, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0870	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Apr 9, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0866	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Apr 9, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0867,…
CVE-2019-0868	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Apr 9, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0867	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Apr 9, 2019	A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0777	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Apr 9, 2019	A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
CVE-2019-0742	Microsoft Visual Studio Team Foundation Server	0.00	—	0.01	Mar 6, 2019	A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743.
CVE-2018-8602	Microsoft Teams	0.00	—	0.01	Nov 14, 2018	A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.

CVE-2019-1306Sep 11, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.02cvss —epss 0.26
A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.
CVE-2019-1072Jul 15, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.02cvss —epss 0.24
A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
CVE-2018-8529Nov 15, 2018
Microsoft
Teams
risk 0.02cvss —epss 0.30
A remote code execution vulnerability exists when Team Foundation Server (TFS) does not enable basic authorization on the communication between the TFS and Search services, aka "Team Foundation Server Remote Code Execution Vulnerability." This affects Team.
CVE-2019-0647Jan 17, 2019
Microsoft
Teams
risk 0.01cvss —epss 0.14
An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team.
CVE-2019-1305Sep 11, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
CVE-2019-1076Jul 15, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.00
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
CVE-2019-0979May 16, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872.
CVE-2019-0872May 16, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979.
CVE-2019-0871Apr 9, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0870Apr 9, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0866Apr 9, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0867,…
CVE-2019-0868Apr 9, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0867Apr 9, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866,…
CVE-2019-0777Apr 9, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
CVE-2019-0742Mar 6, 2019
Microsoft
Visual Studio Team Foundation Server
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743.
CVE-2018-8602Nov 14, 2018
Microsoft
Teams
risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.