CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2024-11671

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching...

CVE-2024-11671

CVE-2024-11671 concerns Devolutions Remote Desktop Manager on Windows. Multiple sources confirm an improper authentication flaw in the SQL data source MFA validation, enabling an authenticated user to bypass MFA by switching data sources. Affected product/version: Devolutions Remote Desktop Manag...

PT-2024-17179 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2024.3.17 and earlier Description: The issue is related to improper authentication in SQL data source MFA validation, allowing an authenticated user to bypass the MFA validation via data source...

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada Inc. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2024.3.17 and prior versions, which stems from incorrect authentication in SQL data...

CVE-2024-52342

creationtimestamp| type| source ---|---|--- 2024-11-19 00:04:58+00:00| seen| https://t.me/cvedetector/11402 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

The vulnerability of the libpq component in the PostgreSQL database management system allows attackers to circumvent existing security restrictions and execute a type of “man-in-the-middle” attack.

The vulnerability of the libpq component in the PostgreSQL database management system is related to the use of an unreliable data source. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and carry out a “man-in-the-middle” type attack...

The vulnerability in the CORS mechanism of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to bypass security restrictions.

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a data source confirmation error. Exploiting this vulnerability can allow an attacker to bypass security restrictions remotely...

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a data source confirmation error during the processing of the resource://pdf.js path. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gai...

CVE-2024-39719

creationtimestamp| type| source ---|---|--- 2024-10-31 21:57:42+00:00| seen| https://t.me/cvedetector/9536 2025-05-09 01:00:08+00:00| published-proof-of-concept| Telegram/Pmh7GqPqZEp7yCoSKiYzNwDev9YVek893setQPVdRhEh4RI 2025-09-24 00:43:16+00:00| seen| MISP/9e6b1b0e-5fb2-46d6-9aaf-7c64a1324e40...

CVE-2024-40855

creationtimestamp| type| source ---|---|--- 2024-10-28 21:24:10+00:00| seen| None...

CVE-2024-10433

creationtimestamp| type| source ---|---|--- 2024-10-28 01:56:28+00:00| seen| https://t.me/cvedetector/9079 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:30+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

CVE-2024-10411

creationtimestamp| type| source ---|---|--- 2024-10-27 06:42:18+00:00| seen| https://t.me/cvedetector/9050 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:32+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

CVE-2024-46997

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

CVE-2024-46997 DataEase's H2 datasource has a remote command execution risk

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1...

Citrix Director - Troubleshoot Monitor data source errors

Director reports Monitor data source errors...

PT-2024-32329 · Dataease · Dataease

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.1 Description: The issue allows an attacker to achieve remote command execution by adding a carefully constructed h2 data source connection string. This can be done by sending a POST request to the...

CVE-2024-20317

creationtimestamp| type| source ---|---|--- 2024-09-11 19:32:54+00:00| seen| https://t.me/cvedetector/5405...

CVE-2022-4529

creationtimestamp| type| source ---|---|--- 2024-09-05 13:50:23+00:00| seen| https://t.me/cvedetector/4901...