809 matches found
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2025.3.5.0 and earlier, which stems from improper access control and could lead to passwo...
PT-2025-45339
Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.2.15.0 through 2025.3.5.0 Description A flaw in access control allows a View-only user to access sensitive, deeply nested data, specifically custom values within password lists, potentially leading to password...
Devolutions Server 安全漏洞
Devolutions Server is an application from Devolutions Canada Inc. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2025.3.5.0 and earlier, which stems from improper privilege management during pre-MFA cookie...
Devolutions Server Improper Input Validation Vulnerability
Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server suffers from an improper input validation vulnerability that stems from...
Devolutions Server Unauthorized Access Vulnerability
Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unauthorized access vulnerability exists in Devolutions Server that stems from improper...
CVE-2025-11958
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...
EUVD-2025-35611
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...
EUVD-2025-35612
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...
CVE-2025-11958
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...
CVE-2025-11958
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...
CVE-2025-11957
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...
CVE-2025-11957
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...
CVE-2025-11957
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...
CVE-2025-11957
Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...
CVE-2025-11957
Devolutions Server (versions up to and including 2025.2.12.0) is affected by an improper authorization vulnerability in the temporary access workflow. An authenticated basic user can self-approve or approve others’ temporary access requests, enabling unauthorized access to vaults and entries via ...
CVE-2025-11958
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...
CVE-2025-11958
An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...
CVE-2025-11958
Devolutions Server
Devolutions Server 安全漏洞
Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unauthorized access vulnerability exists in Devolutions Server that stems from improper...
Devolutions Server 安全漏洞
Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server suffers from an improper input validation vulnerability that stems from...