382 matches found
Devolutions Remote Desktop Manager <= 2026.2.8 Improper Host Validation (DEVO-2026-0018)(CVE-2026-12162)
The version of Devolutions Remote Desktop Manager installed on the remote host is 2025.2.8 or earlier. It is, therefore, affected by an improper host validation vulnerability: - Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an...
Devolutions Remote Desktop Manager <= 2026.2.7 Command Injection (DEVO-2026-0018)(CVE-2026-12161)
The version of Devolutions Remote Desktop Manager installed on the remote host is 2025.2.7 or earlier. It is, therefore, affected by a command injection vulnerability: - Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticat...
EUVD-2026-37023
Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alterna...
EUVD-2026-37024
Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...
CVE-2026-12162
Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...
CVE-2026-12162
The CVE-2026-12162 entry affects Devolutions Remote Desktop Manager 2026.2.8, due to an improper host validation in the social login autofill feature. The underlying issue allows an attacker to disclose stored social login credentials by pointing a crafted web entry to a provider domain that look...
CVE-2026-12162
Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...
PT-2026-49550
Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...
PT-2026-49549
Name of the Vulnerable Software and Affected Versions Devolutions Remote Desktop Manager version 2026.2.7 Description Improper input validation in the SSH Elevate Shell feature allows an authenticated user with permissions to create or modify a shared SSH entry to execute arbitrary commands on a...
Devolutions Remote Desktop Manager <= 2025.3.30 Sensitive Information Exposure (DEVO-2026-0005)
The version of Devolutions Remote Desktop Manager installed on the remote host is 2025.3.30 or earlier. It is, therefore, affected by a sensitive information exposure vulnerability: - Improper enforcement of the Disable password saving in vaults setting in the connection entry component in...
CVE-2026-2590
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
EUVD-2026-9331
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
CVE-2026-2590
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
CVE-2026-2590
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
CVE-2026-2590
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
CVE-2026-2590
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
CVE-2026-2590
Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially exposing sensitive information to other users, by...
CVE-2026-2590
CVE-2026-2590 affects Devolutions Remote Desktop Manager up to version 2025.3.30. The issue is improper enforcement of the Disable password saving in vaults setting in the connection entry component, allowing an authenticated user to persist credentials in vault entries by creating or editing cer...
Devolutions Remote Desktop Manager 安全漏洞
Devolutions Remote Desktop Manager is an application system developed by the Canadian company Devolutions. It provides remote desktop management capabilities. The Devolutions Remote Desktop Manager versions prior to 2025.3.30 contained a security vulnerability. This vulnerability stemmed from...
PT-2026-22827
Name of the Vulnerable Software and Affected Versions Devolutions Remote Desktop Manager versions 2025.3.30 and earlier Description An issue exists in the connection entry component of the software where the 'Disable password saving in vaults' setting is not properly enforced. This allows an...