Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
devolutions remote desktop manager vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2023-0463
The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk.
Devolutions Remote Desktop Manager 2022.3.29
Devolutions Remote Desktop Manager 2022.3.30
6.5
CVSSv3
CVE-2022-3781
Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue af...
Devolutions Remote Desktop Manager
Devolutions Devolutions Server
8.8
CVSSv3
CVE-2022-4287
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and previous versions on Windows allows malicious user to access the application.
Devolutions Remote Desktop Manager
7.8
CVSSv3
CVE-2023-6288
Code injection in Remote Desktop Manager 2023.3.9.3 and previous versions on macOS allows an malicious user to execute code via the DYLIB_INSERT_LIBRARIES environment variable.
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2023-2282
Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and previous versions on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector.
Devolutions Remote Desktop Manager
5.4
CVSSv3
CVE-2021-28047
Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Remote Desktop Manager prior to 2021.1 allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields.
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2023-4417
Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and previous versions versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults v...
Devolutions Remote Desktop Manager
9.8
CVSSv3
CVE-2023-6593
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and previous versions on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
Devolutions Remote Desktop Manager
5.4
CVSSv3
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and previous versions on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.
Devolutions Remote Desktop Manager
4.3
CVSSv3
CVE-2023-1939
No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface.
Devolutions Remote Desktop Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »