CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-20667 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-20667
13 Feb 2024 — Azure DevOps Server Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del servidor Azure DevOps • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20667 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21751 – Azure DevOps Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-21751
13 Dec 2023 — Azure DevOps Server Spoofing Vulnerability Vulnerabilidad de suplantación de identidad del servidor Azure DevOps • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21751 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-36561 – Azure DevOps Server Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36561
10 Oct 2023 — Azure DevOps Server Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Azure DevOps Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36561 • CWE-284: Improper Access Control •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-33136 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-33136
12 Sep 2023 — Azure DevOps Server Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Servidor Azure DevOps • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33136 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0CVE-2023-38155 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38155
12 Sep 2023 — Azure DevOps Server Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Servidor Azure DevOps This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure DevOps Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the MachinePropertyBag class. The issue results from the lack of proper validation of user-sup... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38155 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-36869 – Azure DevOps Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-36869
08 Aug 2023 — Azure DevOps Server Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36869 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21569 – Azure DevOps Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-21569
13 Jun 2023 — Azure DevOps Server Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21569 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2023-21565 – Azure DevOps Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-21565
13 Jun 2023 — Azure DevOps Server Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21565 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-21553 – Azure DevOps Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21553
14 Feb 2023 — Azure DevOps Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21553 • CWE-94: Improper Control of Generation of Code ('Code Injection') •