1219 matches found
CVE-2025-1193
CVE-2025-1193 affects Devolutions Remote Desktop Manager (Windows) prior to 2024.3.20.0, with the root cause described as improper host validation in the certificate validation component for 2024.3.19 and earlier. The vulnerability enables an attacker to intercept and modify encrypted communicati...
CVE-2025-1193
Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host...
Devolutions Remote Desktop Manager 信任管理问题漏洞
Devolutions Remote Desktop Manager is an application from Devolutions Canada Inc. It provides remote desktop management functionality. A trust management issue vulnerability exists in Devolutions Remote Desktop Manager version 2024.3.19 and prior versions, which stems from improper host validatio...
Devolutions Server Installed (Windows)
Binary data devolutionsserverwininstalled.nbin...
Devolutions Server Information Disclosure (DEVO-2024-0015)
An information exposure in Devolutions Server 2024.3.6 and earlier on Windows is affected by Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission. Note that Nessus has...
Devolutions Remote Desktop Manager Multiple Vulnerabilities (DEVO-2024-0016)
The remote installation of Devolutions Server is affected by the following vulnerabilities: - Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the View Password...
Devolutions Remote Desktop Manager Multiple Vulnerabilities (DEVO-2024-0016)
The remote installation of Devolutions Server is affected by Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager 2024.3.17 and earlier on Windows allows an authenticated user to bypass the MFA validation via data source switching. CVE-2024-11671 Note th...
CVE-2024-12196
Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier allows an authenticated user to view the password history of an entry without the view password permission...
CVE-2024-12196
Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier allows an authenticated user to view the password history of an entry without the view password permission...
CVE-2024-12148
Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...
CVE-2024-12149
Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested...
CVE-2024-12151
Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...
CVE-2024-12148
Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...
CVE-2024-12151
Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...
CVE-2024-12148
Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...
CVE-2024-12148
CVE-2024-12148 affects Devolutions Server 2024.3.6.0 and earlier. The root cause is incorrect authorization in the permission validation component, allowing an authenticated user to access some reporting endpoints. Impact is limited to unauthorized access to reporting data as described in multipl...
CVE-2024-12148
Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints...
CVE-2024-12149
Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested...
CVE-2024-12151
Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0 and earlier allows users to retain their old permission sets...
CVE-2024-12151
CVE-2024-12151 affects Devolutions Server (versions 2024.3.8.0 and earlier) due to an incorrect permission assignment in the User Migration feature, allowing users to retain their old permission sets. The vulnerable component is the User Migration feature; root cause: incorrect permission handlin...