1219 matches found
CVE-2024-1901
CVE-2024-1901 describes a denial of service in Devolutions Server 2023.3.14.0 during PAM password rotation in the check-in process. An authenticated user with specific PAM permissions can render PAM credentials unavailable. The CVSS vector indicates network access, low attack complexity, and low ...
Devolutions Server Security Vulnerability
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.3.14.0 and prior versions, which stems from improper privilege management in the Just-in-ti...
Devolutions Server Security Vulnerability
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.3.14.0 and prior versions, which stems from incorrect access control in the notification...
Devolutions Server Security Vulnerability
Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.3.14.0 and prior versions, which stems from incorrect session management in the identity...
Devolutions Server Security Vulnerability
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.3.14.0 and prior versions, which originates from PAM password rotation during the sign-in...
CVE-2024-0589
Cross-site scripting XSS vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
Cross site scripting
Cross-site scripting XSS vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
CVE-2024-0589
Cross-site scripting XSS vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
CVE-2024-0589
Cross-site scripting XSS vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry...
CVE-2024-0589
CVE-2024-0589 is an XSS vulnerability in Devolutions Remote Desktop Manager (RDM) for Windows, affecting version 2023.3.36 and earlier. The issue resides in the entry overview tab, where an attacker with access to a data source can inject a malicious script via a specially crafted input in an ent...
PT-2024-15670 · Devolutions · Devolutions Remote Desktop Manager
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2023.3.36 and earlier Description: A cross-site scripting XSS issue exists in the entry overview tab, allowing an attacker with access to a data source to inject a malicious script via a specially...
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...
Design/Logic Flaw
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL dat...
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...
Design/Logic Flaw
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...
CVE-2023-6593
CVE-2023-6593 concerns a client-side permission bypass in Devolutions Remote Desktop Manager (iOS) 2023.3.4.0 and earlier. According to Red Hat and related sources, an attacker who has access to the application can execute entries in a SQL data source without restriction. The vulnerability is des...
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction...