Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
devolutions remote desktop manager vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-28047
Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Remote Desktop Manager prior to 2021.1 allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields.
Devolutions Remote Desktop Manager
7
CVSSv3
CVE-2022-3182
Improper Access Control vulnerability in the Duo SMS two-factor of Devolutions Remote Desktop Manager 2022.2.14 and previous versions allows malicious users to bypass the application lock. This issue affects: Devolutions Remote Desktop Manager version 2022.2.14 and prior versions...
Devolutions Remote Desktop Manager
4.6
CVSSv3
CVE-2022-1342
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate malicious users to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disc...
Devolutions Remote Desktop Manager
6.5
CVSSv3
CVE-2022-2221
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager prior to 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8.
Devolutions Remote Desktop Manager
8.8
CVSSv3
CVE-2022-4287
Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and previous versions on Windows allows malicious user to access the application.
Devolutions Remote Desktop Manager
5.4
CVSSv3
CVE-2021-23922
An issue exists in Devolutions Remote Desktop Manager prior to 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews.
Devolutions Remote Desktop Manager
7.5
CVSSv3
CVE-2022-26964
Weak password derivation for export in Devolutions Remote Desktop Manager prior to 2022.1 allows information disclosure via a password brute-force attack. An error caused base64 to be decoded.
Devolutions Remote Desktop Manager
8.8
CVSSv3
CVE-2022-3641
Elevation of privilege in the Azure SQL Data Source in Devolutions Remote Desktop Manager 2022.3.13 to 2022.3.24 allows an authenticated user to spoof a privileged account.
Devolutions Remote Desktop Manager
8.8
CVSSv3
CVE-2021-42098
An incomplete permission check on entries in Devolutions Remote Desktop Manager prior to 2021.2.16 allows malicious users to bypass permissions via batch custom PowerShell.
Devolutions Remote Desktop Manager
7.8
CVSSv3
CVE-2023-6288
Code injection in Remote Desktop Manager 2023.3.9.3 and previous versions on macOS allows an malicious user to execute code via the DYLIB_INSERT_LIBRARIES environment variable.
Devolutions Remote Desktop Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »