VYPR

Azure Devops

by Microsoft

CVEs (45)

  • CVE-2026-42826CriMay 7, 2026
    risk 0.65cvss 10.0epss 0.01

    Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-23658HigMar 19, 2026
    risk 0.56cvss 8.6epss 0.01

    Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2019-1306Sep 11, 2019
    risk 0.02cvss epss 0.16

    A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.

  • CVE-2019-1072Jul 15, 2019
    risk 0.02cvss epss 0.12

    A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.

  • CVE-2023-21564Feb 14, 2023
    risk 0.01cvss epss 0.01

    Azure DevOps Server Cross-Site Scripting Vulnerability

  • CVE-2021-27067Apr 13, 2021
    risk 0.01cvss epss 0.03

    Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability

  • CVE-2019-0971May 16, 2019
    risk 0.01cvss epss 0.08

    An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure…

  • CVE-2019-0857Apr 9, 2019
    risk 0.01cvss epss 0.04

    A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.

  • CVE-2026-21512Feb 10, 2026
    risk 0.00cvss epss 0.01

    Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.

  • CVE-2025-47158Jul 18, 2025
    risk 0.00cvss epss 0.01

    Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2025-29813May 8, 2025
    risk 0.00cvss epss 0.02

    Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2024-35267Jul 9, 2024
    risk 0.00cvss epss 0.02

    Azure DevOps Server Spoofing Vulnerability

  • CVE-2024-35266Jul 9, 2024
    risk 0.00cvss epss 0.02

    Azure DevOps Server Spoofing Vulnerability

  • CVE-2024-20667Feb 13, 2024
    risk 0.00cvss epss 0.01

    Azure DevOps Server Remote Code Execution Vulnerability

  • CVE-2023-21751Dec 13, 2023
    risk 0.00cvss epss 0.01

    Azure DevOps Server Spoofing Vulnerability

  • CVE-2023-36437Nov 14, 2023
    risk 0.00cvss epss 0.02

    Azure DevOps Server Remote Code Execution Vulnerability

  • CVE-2023-36561Oct 10, 2023
    risk 0.00cvss epss 0.01

    Azure DevOps Server Elevation of Privilege Vulnerability

  • CVE-2023-38155Sep 12, 2023
    risk 0.00cvss epss 0.01

    Azure DevOps Server Remote Code Execution Vulnerability

  • CVE-2023-33136Sep 12, 2023
    risk 0.00cvss epss 0.02

    Azure DevOps Server Remote Code Execution Vulnerability

  • CVE-2023-36869Aug 8, 2023
    risk 0.00cvss epss 0.01

    Azure DevOps Server Spoofing Vulnerability

Page 1 of 3