1219 matches found
CVE-2026-3221
Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access...
PT-2026-21978
Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.14 and earlier Description Sensitive user account information is not encrypted in the database. An attacker gaining access to the database can obtain this sensitive information through direct database access...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.14 contained a security vulnerability; this vulnerability stemmed from the...
CVE-2026-3131
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...
CVE-2026-3131
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...
CVE-2026-1768
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...
CVE-2026-1768
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...
CVE-2026-3131
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...
CVE-2026-3131
CVE-2026-3131 : Devolutions Server prior to 2025.3.14.0 suffers improper access control in multiple DVLS REST API endpoints, allowing an authenticated user with view-only permission to access sensitive connection data. Connected sources indicate remediation by upgrading to 2025.3.15.0 or later; o...
CVE-2026-3131
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...
CVE-2026-3131
Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...
CVE-2026-1768
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...
CVE-2026-1768
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...
CVE-2026-1768
CVE-2026-1768 describes a permission cache poisoning vulnerability in Devolutions Server that allows authenticated users to bypass permissions and access entries. Affected are Devolutions Server versions prior to 2025.3.15. The issue is confirmed across multiple sources and is addressed by upgrad...
CVE-2026-1768
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.15 contained security vulnerabilities, which were caused by privilege cach...
Devolutions Server 安全漏洞
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.14.0 contained security vulnerabilities. These vulnerabilities stemmed fro...
PT-2026-21792
Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.14.0 and earlier Description An issue exists in Devolutions Server where improper access control in several DVLS REST API endpoints allows an authenticated user with view-only permissions to access sensitive...
PT-2026-21786
Name of the Vulnerable Software and Affected Versions Devolutions Server versions prior to 2025.3.15 Description An authenticated user can bypass permissions and access entries due to a permission cache poisoning issue in Devolutions Server. Recommendations Update Devolutions Server to version...
CVE-2026-1007
Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12...