Lucene search
K

166 matches found

OPENSUSE Linux
OPENSUSE Linux
•added 2023/06/30 12:0 a.m.•4 views

Security update for keepass (important)

openSUSE Security Update: Security update for keepass Announcement ID: openSUSE-SU-2023:0163-1 Rating: important References: 1211397 Cross-References: CVE-2023-32784 CVSS scores: CVE-2023-32784 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP5...

7.5CVSS9.8AI score0.04397EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
•added 2023/06/28 12:0 a.m.•31 views

openSUSE 15 Security Update : keepass (openSUSE-SU-2023:0157-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0157-1 advisory. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer...

7.5CVSS7.9AI score0.04397EPSS
Exploits5References4
OSV
OSV
•added 2023/06/27 6:21 p.m.•3 views

OPENSUSE-SU-2023:0157-1 Security update for keepass

This update for keepass fixes the following issues: Update to 2.54 Security: + Improved process memory protection of secure edit controls CVE-2023-32784, boo1211397. New Features: + Triggers, global URL overrides, password generator profiles and a few more settings are now stored in the enforced...

7.5CVSS7.5AI score0.04397EPSS
Exploits5References3
OPENSUSE Linux
OPENSUSE Linux
•added 2023/06/27 12:0 a.m.•5 views

Security update for keepass (important)

openSUSE Security Update: Security update for keepass Announcement ID: openSUSE-SU-2023:0157-1 Rating: important References: 1211397 Cross-References: CVE-2023-32784 CVSS scores: CVE-2023-32784 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP4...

7.5CVSS9.4AI score0.04397EPSS
Exploits5References1
BDU FSTEC
BDU FSTEC
•added 2023/06/13 12:0 a.m.•7 views

The vulnerability of the text field for entering the password of the KeePass password manager lies in the fact that user credentials are stored in an unencrypted form. This allows a hacker to retrieve the master password in its raw form.

The vulnerability of the password input field for the KeePass password manager’s administrator password storage is related to the storage of user data in an unencrypted form. Exploiting this vulnerability could allow a malicious actor to retrieve the master password in its raw form...

7.8CVSS7.5AI score0.04397EPSS
Exploits5References4Affected Software1
GithubExploit
GithubExploit
•added 2023/06/04 8:24 a.m.•359 views

Exploit for Cleartext Transmission of Sensitive Information in Keepass

KeePass-dump-py My attempt to re-write the original KeePass 2...

7.5CVSS7.6AI score0.04397EPSS
Exploits5
The Hacker News
The Hacker News
•added 2023/05/31 8:30 a.m.•3 views

RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...

7.1AI score
Exploits0
Wiz blog
Wiz blog
•added 2023/05/23 1:49 p.m.•24 views

Exploitable and unpatched KeePass vulnerability: everything you need to know

Detect and mitigate CVE-2023-32784, a vulnerability in KeePass which allows the extraction of the master password in cleartext from the application's memory...

7.5CVSS7AI score0.04397EPSS
Exploits5
The Hacker News
The Hacker News
•added 2023/05/22 6:33 a.m.•84 views

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

A proof-of-concept PoC has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux,...

7.5CVSS6.9AI score0.04397EPSS
Exploits7
The Hacker News
The Hacker News
•added 2023/05/22 6:33 a.m.•3 views

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

A proof-of-concept PoC has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux,...

7.5CVSS7.1AI score0.04397EPSS
Exploits7
NCSC
NCSC
•added 2023/05/22 12:0 a.m.•5 views

Vulnerability discovered in Keepass

A vulnerability has been discovered in Keepass v2.A local malicious party can exploit the vulnerability to retrieve the master password password. To do this, the malicious party must already have access to the local environment of the victim. The vulnerability is in how the input field of the...

7.5CVSS7.2AI score0.04397EPSS
Exploits5
Malwarebytes
Malwarebytes
•added 2023/05/18 2:0 a.m.•61 views

KeePass vulnerability allows attackers to access the master password

KeePass is a free open source password manager, which helps you to manage your passwords and stores them in encrypted form. In fact, KeePass encrypts the whole database, i.e. not only your passwords, but also your user names, URLs, notes, etc. That encrypted database can only be opened with the...

5CVSS6.8AI score0.04397EPSS
Exploits5
GithubExploit
GithubExploit
•added 2023/05/17 8:15 p.m.•365 views

Exploit for Cleartext Transmission of Sensitive Information in Keepass

KeePass 2.53/cmdline files and store the pid of ones with t...

7.5CVSS7.7AI score0.04397EPSS
Exploits5
SUSE CVE
SUSE CVE
•added 2023/05/16 1:52 a.m.•4 views

SUSE CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

7.5CVSS7AI score0.04397EPSS
Exploits5References5
OSV
OSV
•added 2023/05/15 6:15 a.m.•15 views

CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

7.5CVSS6.3AI score
Exploits0References3
NVD
NVD
•added 2023/05/15 6:15 a.m.•14 views

CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

7.5CVSS7.5AI score0.04397EPSS
Exploits5References3
OSV
OSV
•added 2023/05/15 6:15 a.m.•2 views

DEBIAN-CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

7.5CVSS8AI score0.04397EPSS
Exploits5References1
OSV
OSV
•added 2023/05/15 6:15 a.m.•5 views

UBUNTU-CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

7.5CVSS7.3AI score0.04397EPSS
Exploits5References4
UbuntuCve
UbuntuCve
•added 2023/05/15 6:15 a.m.•57 views

CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

7.5CVSS7.2AI score0.04397EPSS
Exploits5References3
Prion
Prion
•added 2023/05/15 6:15 a.m.•19 views

Design/Logic Flaw

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

5CVSS7.4AI score0.04397EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder