Vulnerabilities > Devexpress

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-18	CVE-2022-41479	Authorization Bypass Through User-Controlled Key vulnerability in Devexpress Asp.Net web Forms Controls 19.2.3 The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. network low complexity devexpress CWE-639	7.5
2022-08-03	CVE-2022-28684	Deserialization of Untrusted Data vulnerability in Devexpress 22.1.0 This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. network low complexity devexpress CWE-502	8.8
2021-08-04	CVE-2021-36483	Deserialization of Untrusted Data vulnerability in Devexpress DevExpress.XtraReports.UI through v21.1 allows attackers to execute arbitrary code via insecure deserialization. network low complexity devexpress CWE-502	8.8

Vulnerabilities > Devexpress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Devexpress"}]}