1219 matches found
CVE-2026-4396
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. There is a security vulnerability in Devolutions Server, which stems from improper certificate verification. This...
EUVD-2026-12950
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
CVE-2026-4396
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
CVE-2026-4396
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
CVE-2026-4396
CVE-2026-4396 affects Devolutions Hub Reporting Service 2025.3.1.1 and earlier. The issue is improper certificate validation, allowing a network attacker to perform a MITM when TLS certificate verification is disabled. The connected sources provide this description but do not include exploit deta...
CVE-2026-4396
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
Devolutions Hub Reporting Service 安全漏洞
The Devolutions Hub Reporting Service is a component of the Canadian company Devolutions that manages reports on the usage of remote access credentials. Versions of the Devolutions Hub Reporting Service prior to 2025.3.1.1 contained security vulnerabilities; these vulnerabilities were caused by...
PT-2026-26149
🟠 CVE-2026-4396 - High Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verif... https://t.co/fSciVkCYpu https://t.co/yeXegKnc3n...
Devolutions PowerShell Universal 安全漏洞
Devolutions PowerShell Universal is a comprehensive PowerShell platform developed by the Canadian company Devolutions. Versions of Devolutions PowerShell Universal prior to 2026.1.4 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks for multipl...
CVE-2026-3638
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
Devolutions Remote Desktop Manager <= 2025.3.30 Sensitive Information Exposure (DEVO-2026-0005)
The version of Devolutions Remote Desktop Manager installed on the remote host is 2025.3.30 or earlier. It is, therefore, affected by a sensitive information exposure vulnerability: - Improper enforcement of the Disable password saving in vaults setting in the connection entry component in...
EUVD-2026-10348
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
EUVD-2026-10349
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
CVE-2026-3638
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
CVE-2026-3638
CVE-2026-3638 : Multiple sources (NVD, Red Hat, ENISA, CVE List) describe an improper access control flaw in Devolutions Server up to version 2025.3.11.0. A low-privileged, authenticated user can restore deleted users and roles via crafted API requests on the user/role restore endpoints. Document...
CVE-2026-3638
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
CVE-2026-3638
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
PT-2026-24100
Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-privileged authenticated user to restore deleted users and roles via crafted API requests...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.11.0 contained security vulnerabilities. These vulnerabilities were due to...