Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1219 matches found

EUVD
EUVDadded 2025/10/22 6:30 p.m.4 views

EUVD-2025-35612

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

8.4CVSS6.2AI score0.00298EPSS
Exploits0References2
OSV
OSVadded 2025/10/22 5:15 p.m.3 views

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

9CVSS5.8AI score0.00298EPSS
Exploits0References1
OSV
OSVadded 2025/10/22 5:15 p.m.4 views

CVE-2025-11958

An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...

5.1CVSS5.8AI score0.00406EPSS
Exploits0References1
NVD
NVDadded 2025/10/22 5:15 p.m.4 views

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

9CVSS0.00298EPSS
Exploits0References1
NVD
NVDadded 2025/10/22 5:15 p.m.6 views

CVE-2025-11958

An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...

5.1CVSS0.00406EPSS
Exploits0References1
CVE
CVEadded 2025/10/22 5:9 p.m.14 views

CVE-2025-11957

Devolutions Server (versions up to and including 2025.2.12.0) is affected by an improper authorization vulnerability in the temporary access workflow. An authenticated basic user can self-approve or approve others’ temporary access requests, enabling unauthorized access to vaults and entries via ...

9CVSS6.3AI score0.00298EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/10/22 5:9 p.m.2 views

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

9CVSS6.3AI score0.00298EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/10/22 5:9 p.m.7 views

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

9CVSS0.00298EPSS
Exploits0References1
CVE
CVEadded 2025/10/22 5:8 p.m.14 views

CVE-2025-11958

Devolutions Server

5.1CVSS6.1AI score0.00406EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/10/22 5:8 p.m.7 views

CVE-2025-11958

An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...

5.1CVSS0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/10/22 5:8 p.m.2 views

CVE-2025-11958

An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticated user to cause a denial of service to the Security Dashboard via a crafted request...

5.1CVSS6.1AI score0.00406EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/22 12:0 a.m.3 views

PT-2025-43380

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.2.12.0 and earlier Description A flaw in the temporary access workflow permits a user with basic authentication to approve their own temporary access requests or those of other users. This can lead to...

8.4CVSS6.7AI score0.00298EPSS
Exploits0References6
CNNVD
CNNVDadded 2025/10/22 12:0 a.m.2 views

Devolutions Server 安全漏洞

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unauthorized access vulnerability exists in Devolutions Server that stems from improper...

9CVSS6.2AI score0.00298EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/10/22 12:0 a.m.3 views

Devolutions Server 安全漏洞

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server suffers from an improper input validation vulnerability that stems from...

5.1CVSS6.4AI score0.00406EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/10/22 12:0 a.m.4 views

PT-2025-43381

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.2.15.0 and earlier Description An improper input validation exists in the Security Dashboard's ignored-tasks API. An authenticated user can send a crafted request to cause a denial of service to the Security...

5.1CVSS6.3AI score0.00406EPSS
Exploits0References8
CNVD
CNVDadded 2025/10/21 12:0 a.m.4 views

Devolutions Server Improper Certificate Validation Vulnerability

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server has an improper certificate validation vulnerability that originates from...

8.8CVSS6.6AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/10/16 8:41 p.m.15 views

CVE-2025-11619

Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...

8.8CVSS6.8AI score0.0022EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/15 9:31 p.m.4 views

EUVD-2025-34693

Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...

8.8CVSS6.3AI score0.0022EPSS
Exploits0References2
OSV
OSVadded 2025/10/15 8:15 p.m.3 views

CVE-2025-11619

Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...

8.8CVSS5.8AI score0.0022EPSS
Exploits0References1
NVD
NVDadded 2025/10/15 8:15 p.m.4 views

CVE-2025-11619

Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...

8.8CVSS0.0022EPSS
Exploits0References1
Rows per page
Query Builder