Azure Devops Server

azure_devops_server

Vendor: Microsoft • 40 CVEs

CVEs (40)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-21512 1Microsoft 1Azure Devops Server Feb 11, 2026 Feb 10, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.
CVE-2024-35267 1Microsoft 1Azure Devops Server Nov 21, 2024 Jul 9, 2024 N/A· v4 7.6 HIGH· v3 N/A· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2024-35266 1Microsoft 1Azure Devops Server Nov 21, 2024 Jul 9, 2024 N/A· v4 7.6 HIGH· v3 N/A· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2024-20667 1Microsoft 1Azure Devops Server Nov 21, 2024 Feb 13, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-21751 1Microsoft 1Azure Devops Server Nov 21, 2024 Dec 14, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2023-36561 1Microsoft 1Azure Devops Server Nov 21, 2024 Oct 10, 2023 N/A· v4 7.3 HIGH· v3 N/A· v2 Azure DevOps Server Elevation of Privilege Vulnerability
CVE-2023-38155 1Microsoft 1Azure Devops Server Nov 21, 2024 Sep 12, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-33136 1Microsoft 1Azure Devops Server Nov 21, 2024 Sep 12, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-36869 1Microsoft 1Azure Devops Server Nov 21, 2024 Aug 8, 2023 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2023-21569 1Microsoft 1Azure Devops Server Nov 21, 2024 Jun 14, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2023-21565 1Microsoft 1Azure Devops Server Nov 21, 2024 Jun 14, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2023-21553 1Microsoft 1Azure Devops Server Nov 21, 2024 Feb 14, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Azure DevOps Server Remote Code Execution Vulnerability
CVE-2023-21564 1Microsoft 1Azure Devops Server Nov 21, 2024 Feb 14, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 Azure DevOps Server Cross-Site Scripting Vulnerability
CVE-2021-28459 1Microsoft 1Azure Devops Server Nov 21, 2024 Apr 13, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2021-27067 1Microsoft 2Azure Devops Server Team Foundation Server Nov 21, 2024 Apr 13, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
CVE-2020-17145 1Microsoft 2Azure Devops Server Team Foundation Server Aug 28, 2025 Dec 10, 2020 N/A· v4 5.4 MEDIUM· v3 4.9 MEDIUM· v2 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2020-17135 1Microsoft 1Azure Devops Server Aug 28, 2025 Dec 10, 2020 N/A· v4 5.4 MEDIUM· v3 4.9 MEDIUM· v2 Azure DevOps Server Spoofing Vulnerability
CVE-2020-1325 1Microsoft 1Azure Devops Server Nov 21, 2024 Nov 11, 2020 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2020-1326 1Microsoft 1Azure Devops Server Nov 21, 2024 Jul 14, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
CVE-2020-1327 1Microsoft 1Azure Devops Server Nov 21, 2024 Jun 9, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.

12 Next