1219 matches found
Devolutions Remote Desktop Manager Security Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.3.4.0 and prior versions, which originated from a vulnerability that allows an...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
Code injection
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
CVE-2023-6588
CVE-2023-6588 affects Devolutions Workspace (versions 2023.3.2.0 and earlier) where offline mode is always enabled in the Devolutions Server data source. The underlying issue allows an attacker with access to the Workspace application to access credentials while offline. The NVD entry lists a CVS...
CVE-2023-6588
Offline mode is always enabled, even if permission disallows it, in Devolutions Server data source in Devolutions Workspace 2023.3.2.0 and earlier. This allows an attacker with access to the Workspace application to access credentials when offline...
Devolutions Workspace Security Breach
Devolutions Workspace is a mobile and desktop application from Devolutions Canada. A security vulnerability exists in Devolutions Workspace version 2023.3.2.0 and earlier, which stems from the fact that an attacker with privileged access to the Workspace application can access credentials while...
PT-2023-32707 · Devolutions · Devolutions Workspace
Name of the Vulnerable Software and Affected Versions: Devolutions Workspace versions 2023.3.2.0 and earlier Description: The issue allows an attacker with access to the Workspace application to access credentials when offline, due to offline mode being always enabled, even if permission disallow...
Devolutions Remote Desktop Manager Code Injection Vulnerability
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager macOS version 2023.3.9.3 and earlier versions. An attacker could exploit the vulnerability to...
CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
Information disclosure
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
CVE-2023-6264
The CVE-2023-6264 case concerns Devolutions Server (version 2023.3.7.0). The issue is an information leak in the Content-Security-Policy header that allows an unauthenticated attacker to list configured Devolutions Gateways endpoints, i.e., information disclosure with network access (no authentic...
CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints...
Devolutions Server Information Disclosure Vulnerability
Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2023.3.7.0. An attacker could exploit the vulnerability to list configured Devolutions Gateway...
PT-2023-32581 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server version 2023.3.7.0 Description: The issue concerns an information leak in the Content-Security-Policy header, allowing an unauthenticated attacker to list the configured Devolutions Gateways endpoints. Recommendations: For...
CVE-2023-5765
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching...
CVE-2023-5358
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...
CVE-2023-5358
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters...
Improper access control
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching...