CVE Security

Improper handling of factor key state in the multi-factor authentication management feature in Devolutions Server allows an attacker with knowledge of...

Applications


                                    CVE-2026-9047

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9223

Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user to creat...

Applications


                                    CVE-2026-9223

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9224

Missing authorization in the user profile update feature in Devolutions Server allows an authenticated Active Directory user to modify their own profi...

Applications


                                    CVE-2026-9224

Lire l'article

medium 5

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9245

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect vic...

Applications


                                    CVE-2026-9245

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-9246

Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access t...

Applications


                                    CVE-2026-9246

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-5171

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the r...

Applications


                                    CVE-2026-5171

Lire l'article

critical 9.6

29/05/2026

Vulnérabilité critical détectée - CVE-2026-39821

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example...

Applications


                                    CVE-2026-39821

Lire l'article

medium 5.9

29/05/2026

Vulnérabilité medium détectée - CVE-2022-31231

Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attack...

Applications


                                    CVE-2022-31231

Lire l'article

medium 6.5

29/05/2026

Vulnérabilité medium détectée - CVE-2022-34363

Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application run...

Applications


                                    CVE-2022-34363

Lire l'article

medium 6.5

29/05/2026

Vulnérabilité medium détectée - CVE-2026-25680

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.

Applications


                                    CVE-2026-25680

Lire l'article

high 8.1

29/05/2026

Vulnérabilité high détectée - CVE-2026-9256

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a...

Applications


                                    CVE-2026-9256

Lire l'article

medium 4.3

29/05/2026

Vulnérabilité medium détectée - CVE-2026-8347

Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express association Reorder dialog. This can cause Cross-enti...

Applications


                                    CVE-2026-8347

Lire l'article

12 13 14 15 16