Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
DevolutionsDevolutions Server

4 matches found

CVE
CVEadded 2023/03/10 9:15 p.m.48 views

CVE-2023-1201

Improper access control in the secure messages feature in Devolutions Server 2022.3.12 and below allows an authenticated attacker that possesses the message UUID to access the data it contains.

6.5CVSS6.3AI score0.00216EPSS
CVE
CVEadded 2023/03/01 8:15 a.m.45 views

CVE-2023-0952

Improper access controls on entries in Devolutions Server2022.3.12 and earlier could allow an authenticated user to accesssensitive data without proper authorization.

6.5CVSS6.3AI score0.00158EPSS
CVE
CVEadded 2023/03/01 8:15 a.m.43 views

CVE-2023-0951

Improper access controls on some API endpoints in Devolutions Server 2022.3.12and earlier could allow a standard privileged user to perform privilegedactions.

8.8CVSS8.4AI score0.00214EPSS
CVE
CVEadded 2023/03/01 8:15 a.m.39 views

CVE-2023-0953

Insufficient input sanitization in the documentation feature of Devolutions Server 2022.3.12 and earlier allows an authenticated attacker to perform an SQL Injection, potentially resulting in unauthorized access to system resources.

8.8CVSS8.4AI score0.00284EPSS