Filtered by vendor Devolutions
Subscriptions
Filtered by product Devolutions Server
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-28048 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 6.5 Medium |
| An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2021-23925 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Devolutions Server before 2020.3. There is a cross-site scripting (XSS) vulnerability in entries of type Document. | ||||
| CVE-2021-23924 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files. | ||||
| CVE-2021-23923 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 8.1 High |
| An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users. | ||||
| CVE-2021-23921 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 9.1 Critical |
| An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements. | ||||
| CVE-2024-6512 | 1 Devolutions | 1 Devolutions Server | 2024-10-01 | 6.5 Medium |
| Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing intended security restrictions, via the PAM access request approval mechanism. | ||||