23 matches found
CVE-2024-2241
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...
EUVD-2023-33763
Malicious code in bioql PyPI...
CVE-2023-2257
Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" securi...
CVE-2024-2241
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...
Improper access control
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...
CVE-2024-2241
CVE-2024-2241 affects Devolutions Workspace (versions up to and including 2024.1.0). The vulnerability is due to improper access control in the user interface, allowing an authenticated user to perform unintended actions through specific permissions. The Red Hat/NVD entries corroborate the same d...
CVE-2024-2241
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...
CVE-2024-2241
Improper access control in the user interface in Devolutions Workspace 2024.1.0 and earlier allows an authenticated user to perform unintended actions via specific permissions...
Devolutions Workspace Security Breach
Devolutions Workspace is a mobile and desktop application from Devolutions Canada. A security vulnerability exists in Devolutions Workspace version 2024.1.0 and earlier, which stems from improper access control and allows an authenticated user to perform unexpected actions with specific privilege...
PT-2024-19400 · Devolutions · Devolutions Workspace
Name of the Vulnerable Software and Affected Versions: Devolutions Workspace versions 2024.1.0 and earlier Description: The issue is related to improper access control in the user interface, allowing an authenticated user to perform unintended actions via specific permissions. Recommendations: Fo...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
Code injection
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
CVE-2023-6588
CVE-2023-6588 affects Devolutions Workspace (versions 2023.3.2.0 and earlier) where offline mode is always enabled in the Devolutions Server data source. The underlying issue allows an attacker with access to the Workspace application to access credentials while offline. The NVD entry lists a CVS...
Devolutions Workspace Security Breach
Devolutions Workspace is a mobile and desktop application from Devolutions Canada. A security vulnerability exists in Devolutions Workspace version 2023.3.2.0 and earlier, which stems from the fact that an attacker with privileged access to the Workspace application can access credentials while...
PT-2023-32707 · Devolutions · Devolutions Workspace
Name of the Vulnerable Software and Affected Versions: Devolutions Workspace versions 2023.3.2.0 and earlier Description: The issue allows an attacker with access to the Workspace application to access credentials when offline, due to offline mode being always enabled, even if permission disallow...
CVE-2023-2257
Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" securi...
CVE-2023-2257
Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" securi...
Authentication flaw
Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" securi...
CVE-2023-2257
Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub Business space without being prompted to enter the password via an unimplemented "Force Login" securi...