8 matches found
CVE-2026-9522
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
EUVD-2026-33937
Improper access control in the PAM account discovery feature in Devolutions Server 2026.1.19 and earlier allows an authenticated user without administrative privileges to delete network discovery scan configurations...
CVE-2026-3130
Improper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and earlier allows an authenticated attacker with the delete permission to delete a PAM account that is currently checked out by selecting it alongside at least one non-checked-out account and performing a bulk deletion...
CVE-2026-3130
Improper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and earlier allows an authenticated attacker with the delete permission to delete a PAM account that is currently checked out by selecting it alongside at least one non-checked-out account and performing a bulk deletion...
CVE-2026-3130
CVE-2026-3130 affects Devolutions Server 2025.3.15 and earlier. The issue is “improper enforcement of behavioral controls” that lets an authenticated user with delete permission delete a PAM account that is currently checked out when selected alongside at least one non-checked-out account in a bu...
PT-2026-22828
Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.15 and earlier Description An issue exists in Devolutions Server where improper enforcement of behavioral controls can allow an authenticated attacker with delete permission to remove a Privileged Access...
security flaw
login in util-linux-2.12a skips pamacctmgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pamacctmgmt and chauthtok...
DEBIAN-CVE-2006-7108
login in util-linux-2.12a skips pamacctmgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pamacctmgmt and chauthtok...