Filtered by vendor Devolutions
Subscriptions
Filtered by product Remote Desktop Manager
Subscriptions
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-3182 | 1 Devolutions | 1 Remote Desktop Manager | 2022-09-20 | 7.0 High |
Improper Access Control vulnerability in the Duo SMS two-factor of Devolutions Remote Desktop Manager 2022.2.14 and earlier allows attackers to bypass the application lock. This issue affects: Devolutions Remote Desktop Manager version 2022.2.14 and prior versions. | ||||
CVE-2022-2221 | 1 Devolutions | 1 Remote Desktop Manager | 2022-07-07 | 6.5 Medium |
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager before 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8. | ||||
CVE-2022-33995 | 1 Devolutions | 1 Remote Desktop Manager | 2022-06-28 | 7.5 High |
A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location. | ||||
CVE-2022-1342 | 1 Devolutions | 1 Remote Desktop Manager | 2022-06-24 | 4.6 Medium |
A lack of password masking in Devolutions Remote Desktop Manager allows physically proximate attackers to observe sensitive data. A caching issue can cause sensitive fields to sometimes stay revealed when closing and reopening a panel, which could lead to involuntarily disclosing sensitive information. This issue affects: Devolutions Remote Desktop Manager 2022.1.24 version and prior versions. | ||||
CVE-2021-42098 | 1 Devolutions | 1 Remote Desktop Manager | 2021-10-21 | 8.8 High |
An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell. | ||||
CVE-2021-28047 | 1 Devolutions | 1 Remote Desktop Manager | 2021-04-06 | 5.4 Medium |
Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Remote Desktop Manager before 2021.1 allows remote authenticated users to inject arbitrary web script or HTML via multiple input fields. | ||||
CVE-2021-23922 | 1 Devolutions | 1 Remote Desktop Manager | 2021-04-06 | 5.4 Medium |
An issue was discovered in Devolutions Remote Desktop Manager before 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews. |