Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
devolutions remote desktop manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3545
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop Manager 2024.1.20 and previous versions on windows and Devolutions Server 2024.1.8 and previous versions allows an malicious user to access sensitive informations contained in the offlin...
NA
CVE-2024-2403
Improper cleanup in temporary file handling component in Devolutions Remote Desktop Manager 2024.1.12 and previous versions on Windows allows an attacker that compromised a user endpoint, under specific circumstances, to access sensitive information via residual files in the tem...
5.4
CVSSv3
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and previous versions on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.
Devolutions Remote Desktop Manager
4.4
CVSSv3
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This af...
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and previous versions on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
Devolutions Remote Desktop Manager
7.8
CVSSv3
CVE-2023-6288
Code injection in Remote Desktop Manager 2023.3.9.3 and previous versions on macOS allows an malicious user to execute code via the DYLIB_INSERT_LIBRARIES environment variable.
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-5765
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and previous versions on Windows allows an malicious user to bypass permissions via data source switching.
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-5766
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and previous versions on Windows allows an malicious user to remotely execute code from another windows user session on the same host via a specially crafted TCP packet.
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-4373
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and previous versions permits a user to initiate a connection without proper execution rights via the remote tools feature.
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2023-4417
Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and previous versions versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults v...
Devolutions Remote Desktop Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »