1222 matches found
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...
CVE-2023-6593
CVE-2023-6593 concerns a client-side permission bypass in Devolutions Remote Desktop Manager (iOS) 2023.3.4.0 and earlier. According to Red Hat and related sources, an attacker who has access to the application can execute entries in a SQL data source without restriction. The vulnerability is des...
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...
Devolutions Remote Desktop Manager Security Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.3.4.0 and prior versions, which originated from a vulnerability that allows an...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
Code injection
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
CVE-2023-6588
CVE-2023-6588 affects Devolutions Workspace (versions 2023.3.2.0 and earlier) where offline mode is always enabled in the Devolutions Server data source. The underlying issue allows an attacker with access to the Workspace application to access credentials while offline. The NVD entry lists a CVS...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
Devolutions Workspace Security Breach
Devolutions Workspace is a mobile and desktop application from Devolutions Canada. A security vulnerability exists in Devolutions Workspace version 2023.3.2.0 and earlier, which stems from the fact that an attacker with privileged access to the Workspace application can access credentials while...
PT-2023-32707 · Devolutions · Devolutions Workspace
Name of the Vulnerable Software and Affected Versions: Devolutions Workspace versions 2023.3.2.0 and earlier Description: The issue allows an attacker with access to the Workspace application to access credentials when offline, due to offline mode being always enabled, even if permission disallow...
Devolutions Remote Desktop Manager Code Injection Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager macOS version 2023.3.9.3 and earlier versions. An attacker could exploit the vulnerability to...
CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
Information disclosure
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
CVE-2023-6264
The CVE-2023-6264 case concerns Devolutions Server (version 2023.3.7.0). The issue is an information leak in the Content-Security-Policy header that allows an unauthenticated attacker to list configured Devolutions Gateways endpoints, i.e., information disclosure with network access (no authentic...
CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
PT-2023-32581 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server version 2023.3.7.0 Description: The issue concerns an information leak in the Content-Security-Policy header, allowing an unauthenticated attacker to list the configured Devolutions Gateways endpoints. Recommendations: For...
Devolutions Server Information Disclosure Vulnerability
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.3.7.0. An attacker could exploit the vulnerability to list configured Devolutions Gateway...
CVE-2023-5765
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching...