Devolutions Server Security Vulnerability

Devolutions Server is an application from Devolutions Canada. provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2022.3.13.0 and prior versions, which stems from incorrect access control and allows an attacker to...

CVE-2023-1202

Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision...

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.1.9 and prior versions, which arises from a vulnerability that allows users with...

PT-2023-17110 · Devolutions · Devolutions Server

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2022.3.13 and prior Description: The issue allows users with restricted rights to bypass entry permission via id collision when importing or synchronizing entries in the User vault. Recommendations: For Devolutions...

JITSploitation III: Subverting Control Flow

Posted by Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed i...