Devolutions

Remote Desktop Manager

52 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2026-12162

  • EPSS 0.11%
  • Veröffentlicht 15.06.2026 23:56:59
  • Zuletzt bearbeitet 16.06.2026 20:33:01

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain.

8.8

CVE-2026-12161

  • EPSS 0.3%
  • Veröffentlicht 15.06.2026 23:55:24
  • Zuletzt bearbeitet 16.06.2026 20:32:33

Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using ...

9.8

CVE-2026-2590

  • EPSS 0.42%
  • Veröffentlicht 03.03.2026 21:22:34
  • Zuletzt bearbeitet 10.05.2026 13:16:35

Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to persist credentials in vault entries, potentially e...

3.3

CVE-2026-0747

  • EPSS 0.18%
  • Veröffentlicht 08.01.2026 19:55:58
  • Zuletzt bearbeitet 22.01.2026 18:14:40

Exposure of sensitive information in the TeamViewer entry dashboard component in Devolutions Remote Desktop Manager 2025.3.24.0 through 2025.3.28.0 on Windows allows an external observer to view a password on screen via a defective masking feature, f...

6.5

CVE-2025-13683

  • EPSS 0.34%
  • Veröffentlicht 28.11.2025 17:00:48
  • Zuletzt bearbeitet 18.12.2025 21:18:26

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.

7.5

CVE-2025-5334

  • EPSS 0.48%
  • Veröffentlicht 29.05.2025 14:47:25
  • Zuletzt bearbeitet 02.07.2025 17:31:56

Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal information. Under specific circumst...

6.8

CVE-2025-2600

  • EPSS 0.36%
  • Veröffentlicht 26.03.2025 17:37:39
  • Zuletzt bearbeitet 26.08.2025 18:15:47

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATED_PASSWORD variable even though not allowed by the "Allow password in variable policy". This issue ...

5.4

CVE-2025-2562

  • EPSS 0.36%
  • Veröffentlicht 26.03.2025 17:24:37
  • Zuletzt bearbeitet 02.07.2025 17:32:38

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. Th...

3.6

CVE-2025-2528

  • EPSS 0.15%
  • Veröffentlicht 26.03.2025 17:20:00
  • Zuletzt bearbeitet 02.07.2025 17:32:48

Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a configuration different from the one mandated by the system administrators. This issue affects Remote D...

5.4

CVE-2025-2499

  • EPSS 0.34%
  • Veröffentlicht 26.03.2025 17:14:59
  • Zuletzt bearbeitet 02.07.2025 17:32:56

Client side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An authenticated user can exploit this flaw to bypass certain permission restrictions—specifically View Password, Edit Asset, and Edit Pe...