39 matches found
EUVD-2018-18067
Malware in sbrugna...
EUVD-2021-21697
Malware in sbrugna...
EUVD-2023-27449
Malicious code in bioql PyPI...
CVE-2023-23349
Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
CVE-2020-27020
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information for example, time of password generation...
The vulnerability of Kaspersky Password Manager’s password manager feature, related to the automatic restoration of automatically filled-in user credentials, allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of Kaspersky Password Manager is related to the recovery of automatically filled account information from the memory dump due to the use of the autofill function of the Google Chrome browser. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...
CVE-2023-23349
CVE-2023-23349 concerns Kaspersky Password Manager (KPM) for Windows, specifically when using the Google Chrome extension. A local attacker can potentially recover auto-filled credentials from a memory dump after the extension autofills them on a login form. Exploitation requires the user to be t...
Kaspersky Password Manager 安全漏洞
Kaspersky Password Manager is an application from the Russian laboratory Kaspersky Kaspersky. It provides a function to manage passwords. A security vulnerability exists in versions prior to Kaspersky Password Manager 24.0.0.427, which stems from a vulnerability that allows for the auto-populatio...
Kaspersky Password Manager Improper Privilege Management Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Kaspersky Password Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
Design/Logic Flaw
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
CVE-2021-35052
Summary: CVE-2021-35052 concerns Kaspersky Password Manager. The connected ZDI advisory states the flaw exists in the Kaspersky Password Manager Service and arises from execution with unnecessary privileges, enabling local attackers to escalate from medium to high integrity by running code in the...
CVE-2021-35052
A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High...
Kaspersky Password Manager 安全漏洞
Kaspersky Password Manager is an application from the Russian company Kaspersky. It provides a function to manage passwords. A security vulnerability exists in Kaspersky Password Manager that allows an attacker to increase the process integrity level from medium to high...
Passwords by Kaspersky Password Manager exposed to brute-force attack
By Deeba Ahmed If you are using Kaspersky Password Manager for creating passwords, you might want to consider regenerating those you created before Oct 2019. This is a post from HackRead.com Read the original post: Passwords by Kaspersky Password Manager exposed to brute-force attack...
Vulnerability in the Kaspersky Password Manager
A vulnerability just patched in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic...
The vulnerability of Kaspersky Password Manager’s password manager, related to insufficient encryption strength, allows attackers to circumvent cryptographic security measures.
The vulnerability of Kaspersky Password Manager is related to insufficient encryption strength. Exploiting this vulnerability could allow an attacker to bypass cryptographic security measures...
Kaspersky Password Manager Encryption Problem Vulnerability
Kaspersky Password Manager is an application from the Russian company Kaspersky. It provides a function to manage passwords. Kaspersky Password Manager suffers from a cryptographic vulnerability that arises from a password generator feature that allows an attacker to predict the passwords that wi...