11 matches found
CVE-2026-1007
Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12...
CVE-2026-1007
Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12...
CVE-2026-1007
Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12...
CVE-2026-1007
CVE-2026-1007: Incorrect Authorization in Devolutions Server's virtual gateway component allows bypassing deny IP rules. Affected server versions: 2025.3.1–2025.3.12. CVSS v3.1 base score 7.6 (Network, Low attack complexity, High privileges required, Confidentiality Low, Integrity High, Availabil...
CVE-2026-1007
Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12...
CVE-2026-1007
Incorrect Authorization vulnerability in virtual gateway component in Devolutions Server allows attackers to bypass deny IP rules.This issue affects Server: from 2025.3.1 through 2025.3.12...
Devolutions Server security vulnerabilities
Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. Versions of Devolutions Server prior to 2025.3.12 contained a security vulnerability caused by improper authorization in...
PT-2026-3442
Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.1 through 2025.3.12 Description An incorrect authorization issue exists in the virtual gateway component of Devolutions Server. This allows attackers to bypass deny IP rules. Recommendations Update Devolution...
CVE-2021-0235
On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may inadvertently send their network traffic to...
CVE-2021-0221
In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address VGA is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. The traffic loop will cause interface traffic to increase abnormally, ultimately leading to a Denial of Service DoS in...
Design/Logic Flaw
In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address VGA is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. The traffic loop will cause interface traffic to increase abnormally, ultimately leading to a Denial of Service DoS in...