Lucene search
K

387 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.6 views

Devolutions Remote Desktop Manager 2026.2.5 < 2026.2.12 Code Execution (DEVO-2026-0021)

The version of Devolutions Remote Desktop Manager installed on the remote host is 2026.2.5 through 2026.2.11. It is, therefore, affected by a code execution vulnerability: - Incorrect link resolution by display name in the custom PowerShell VPN editor allows an authenticated attacker with write...

7.2CVSS6.5AI score0.00278EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 7:16 p.m.8 views

CVE-2026-13372

Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name...

7.2CVSS0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 6:22 p.m.8 views

EUVD-2026-39832

Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name...

7.2CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 6:22 p.m.37 views

CVE-2026-13372

Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name...

0.00278EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52892

Name of the Vulnerable Software and Affected Versions Devolutions Remote Desktop Manager versions 2026.2.5 through 2026.2.11 Description An issue exists in the custom PowerShell VPN editor where incorrect link resolution by display name allows an authenticated attacker with write access to a shar...

7.2CVSS5.9AI score0.00278EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Devolutions Remote Desktop Manager <= 2026.2.7 Command Injection (DEVO-2026-0018)(CVE-2026-12161)

The version of Devolutions Remote Desktop Manager installed on the remote host is 2025.2.7 or earlier. It is, therefore, affected by a command injection vulnerability: - Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticat...

8.8CVSS6.1AI score0.00295EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

Devolutions Remote Desktop Manager <= 2026.2.8 Improper Host Validation (DEVO-2026-0018)(CVE-2026-12162)

The version of Devolutions Remote Desktop Manager installed on the remote host is 2025.2.8 or earlier. It is, therefore, affected by an improper host validation vulnerability: - Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 3:30 a.m.10 views

EUVD-2026-37023

Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alterna...

5.7AI score0.00295EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 3:30 a.m.9 views

EUVD-2026-37024

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...

5.3AI score0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 1:16 a.m.9 views

CVE-2026-12162

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...

5.5CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 11:56 p.m.34 views

CVE-2026-12162

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...

0.00112EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 11:56 p.m.35 views

CVE-2026-12162

The CVE-2026-12162 entry affects Devolutions Remote Desktop Manager 2026.2.8, due to an improper host validation in the social login autofill feature. The underlying issue allows an attacker to disclose stored social login credentials by pointing a crafted web entry to a provider domain that look...

5.5CVSS5.3AI score0.00112EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49549

Name of the Vulnerable Software and Affected Versions Devolutions Remote Desktop Manager version 2026.2.7 Description Improper input validation in the SSH Elevate Shell feature allows an authenticated user with permissions to create or modify a shared SSH entry to execute arbitrary commands on a...

8.8CVSS5.8AI score0.00295EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.18 views

PT-2026-49550

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...

5.2AI score0.00112EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.7 views

Devolutions Remote Desktop Manager < 2025.3.32 / 2026.1 < 2026.1.6 Sensitive Information Exposure (DEVO-2026-0005)

The version of Devolutions Remote Desktop Manager installed on the remote host is prior to 2025.3.32 or 2026.1 prior to 2026.1.6. It is, therefore, affected by a sensitive information exposure vulnerability: - Improper enforcement of the Disable password saving in vaults setting in the connection...

9.8CVSS6.2AI score0.00421EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.5 views

CVE-2026-2590

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...

9.8CVSS5.9AI score0.00421EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/04 12:30 a.m.5 views

EUVD-2026-9331

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...

9.8CVSS5.9AI score0.00421EPSS
Exploits0References2
NVD
NVD
added 2026/03/03 10:16 p.m.8 views

CVE-2026-2590

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...

9.8CVSS0.00421EPSS
Exploits0References1
OSV
OSV
added 2026/03/03 10:16 p.m.7 views

CVE-2026-2590

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 9:22 p.m.22 views

CVE-2026-2590

CVE-2026-2590 affects Devolutions Remote Desktop Manager up to version 2025.3.30. The issue is improper enforcement of the Disable password saving in vaults setting in the connection entry component, allowing an authenticated user to persist credentials in vault entries by creating or editing cer...

9.8CVSS5.9AI score0.00421EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder