Vulnerabilidades em Devolutions
152 resultadosCVE-2024-10971MEDIUMImproper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obEPSS 0.5%CVE-2026-3224CRITICALAuthentication bypass in the Microsoft Entra ID (Azure AD) authentication mode in Devolutions Server 2025.3.15.0 and earlier allows an unautEPSS 0.5%CVE-2024-6055MEDIUMImproper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on WinEPSS 0.5%CVE-2022-2316—HTML injection vulnerability in secure messages of Devolutions Server before 2022.2 allows attackers to alter the rendering of the page or rEPSS 0.5%CVE-2025-5334HIGHExposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager
allows EPSS 0.5%CVE-2023-1574MEDIUMInformation disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on WindoEPSS 0.5%CVE-2025-2280HIGHImproper access control in web extension restriction feature in Devolutions Server 2024.3.4.0
and earlier allows an authenticated user to EPSS 0.5%CVE-2025-4433HIGHImproper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "UsEPSS 0.5%CVE-2023-4417—Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows EPSS 0.4%CVE-2026-3130CRITICALImproper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and earlier allows an authenticated attacker with the delete perEPSS 0.4%CVE-2024-12196MEDIUMIncorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier allows an authenticated user to view the paEPSS 0.4%CVE-2023-2400LOWImproper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view useEPSS 0.4%CVE-2023-1202MEDIUMPermission bypass when importing or synchronizing entries in User vault
in Devolutions Remote Desktop Manager 2023.1.9 and prior versions EPSS 0.4%CVE-2022-3781MEDIUMDashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop ManageEPSS 0.4%CVE-2023-2282LOWImproper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and earlier on Windows allows an authenticEPSS 0.4%CVE-2026-2590CRITICALImproper
enforcement of the Disable password saving in vaults setting in the
connection entry component in Devolutions Remote Desktop ManaEPSS 0.4%CVE-2025-2278MEDIUMImproper access control in temporary access requests and checkout requests endpoints in Devolutions Server 2024.3.13 and earlier allows an aEPSS 0.4%CVE-2024-2403MEDIUM
Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and
earlier on Windows allows an attaEPSS 0.4%CVE-2025-2003HIGHIncorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' pEPSS 0.4%CVE-2025-11958MEDIUMAn improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server 2025.2.15.0 and earlier allows an authenticatEPSS 0.4%