CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2025-32715 – Remote Desktop Protocol Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-32715
10 Jun 2025 — Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32715 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2025-29967 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29967
13 May 2025 — Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29967 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2025-29966 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-29966
13 May 2025 — Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29966 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 25EXPL: 0CVE-2025-27487 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-27487
08 Apr 2025 — Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27487 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-26645 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26645
11 Mar 2025 — Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645 • CWE-23: Relative Path Traversal CWE-284: Improper Access Control •
CVSS: 8.4EPSS: 1%CPEs: 25EXPL: 0CVE-2024-49105 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49105
10 Dec 2024 — Remote Desktop Client Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49105 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 3%CPEs: 8EXPL: 0CVE-2024-43533 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43533
08 Oct 2024 — Remote Desktop Client Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43533 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0CVE-2024-38131 – Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-38131
13 Aug 2024 — Clipboard Virtual Channel Extension Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38131 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0589
https://notcve.org/view.php?id=CVE-2024-0589
31 Jan 2024 — Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry. Vulnerabilidad de cross site scripting (XSS) en la pestaña de descripción general de la entrada en Devolutions Remote Desktop Manager 2023.3.36 y versiones anteriores en Windows permite a un atacante con acceso a una fuente de datos inyectar un script ma... • https://devolutions.net/security/advisories/DEVO-2024-0001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-7047
https://notcve.org/view.php?id=CVE-2023-7047
21 Dec 2023 — Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL data sources. La validación inadecuada de permisos al emplear herramientas remotas y macros a través del menú contextual dentro de las versiones 2023.3.31 y anteriores de Devolutions Remote Desktop Manager permite a un... • https://devolutions.net/security/advisories/DEVO-2023-0024 • CWE-863: Incorrect Authorization •