19 matches found
CVE-2020-37178 KeePass 2.44 - Denial of Service (PoC)
KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash...
CVE-2019-20184
KeePass 2.4.1 allows CSV injection in the title field of a CSV export...
EUVD-2010-5159
Malware in sbrugna...
EUVD-2016-6070
Malware in sbrugna...
EUVD-2010-5155
Malware in sbrugna...
EUVD-2022-15794
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-32784
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. Th...
CVE-2023-24055
KeePass through 2.53 in a default installation allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has...
The vulnerability of the KeePass password manager, related to the unencrypted storage of critical information, allows attackers to obtain passwords in an open form.
The vulnerability of the KeePass password manager is related to the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker to obtain passwords in their raw form...
openSUSE 15 Security Update : keepass (openSUSE-SU-2023:0157-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2023:0157-1 advisory. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer...
The vulnerability of the text field for entering the password of the KeePass password manager lies in the fact that user credentials are stored in an unencrypted form. This allows a hacker to retrieve the master password in its raw form.
The vulnerability of the password input field for the KeePass password manager’s administrator password storage is related to the storage of user data in an unencrypted form. Exploiting this vulnerability could allow a malicious actor to retrieve the master password in its raw form...
KeePass vulnerability allows attackers to access the master password
KeePass is a free open source password manager, which helps you to manage your passwords and stores them in encrypted form. In fact, KeePass encrypts the whole database, i.e. not only your passwords, but also your user names, URLs, notes, etc. That encrypted database can only be opened with the...
SUSE CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
PT-2023-3057
Name of the Vulnerable Software and Affected Versions: KeePass versions prior to 2.54 Description: An issue exists in the password manager's password input text field where credentials may be stored in unencrypted form. This could allow a remote attacker to recover the master password in cleartext...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
CVE-2022-0725
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
PT-2022-13391 · Keepass · Keepass
Name of the Vulnerable Software and Affected Versions: KeePass affected versions not specified Description: A flaw in KeePass leads to an Information Exposure issue due to the logging of plain text passwords in the system log. This allows an attacker to interact with and read sensitive passwords...
CVE-2019-20184
KeePass 2.4.1 allows CSV injection in the title field of a CSV export...
CVE-2016-5119
The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update...