CVE-2023-1980
published 2023-04-11CVE-2023-1980: Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via…
PriorityP339medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EPSS
0.52%
39.9th percentile
Two factor
authentication
bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| devolutions | remote_desktop_manager | <= 2022.3.35 | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5775-m3qf-xc33: Two factor
authentication
bypass on login in Devolutions Remote Desktop Manager 2022
ghsa_unreviewed·2023-04-11
CVE-2023-1980 [MEDIUM] CWE-287 GHSA-5775-m3qf-xc33: Two factor
authentication
bypass on login in Devolutions Remote Desktop Manager 2022
Two factor
authentication
bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and earlier allow user to cancel the two factor authentication via the application user interface and open entries.
Red Hat
kernel: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
vendor_redhat·2025-09-16·CVSS 5.5
CVE-2023-53294 [MEDIUM] kernel: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
kernel: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
Syzbot reported a null-ptr-deref bug:
ntfs3: loop0: Different NTFS' sector size (1024) and media sector size
(512)
ntfs3: loop0: Mark volume as dirty due to NTFS errors
general protection fault, probably for non-canonical address
0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
RIP: 0010:d_flags_for_inode fs/dcache.c:1980 [inline]
RIP: 0010:__d_add+0x5ce/0x800 fs/dcache.c:2796
Call Trace:
d_splice_alias+0x122/0x3b0 fs/dcache.c:3191
lookup_open fs/namei.c:3391 [inline]
open_last_lookups fs/namei.c:3481 [inline]
path_openat+0x
No detection rules found.
No public exploits indexed.
2023-04-11
Published