166 matches found
Security update for keepass (important)
openSUSE Security Update: Security update for keepass Announcement ID: openSUSE-SU-2023:0163-1 Rating: important References: 1211397 Cross-References: CVE-2023-32784 CVSS scores: CVE-2023-32784 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP5...
openSUSE 15 Security Update : keepass (openSUSE-SU-2023:0157-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0157-1 advisory. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer...
OPENSUSE-SU-2023:0157-1 Security update for keepass
This update for keepass fixes the following issues: Update to 2.54 Security: + Improved process memory protection of secure edit controls CVE-2023-32784, boo1211397. New Features: + Triggers, global URL overrides, password generator profiles and a few more settings are now stored in the enforced...
Security update for keepass (important)
openSUSE Security Update: Security update for keepass Announcement ID: openSUSE-SU-2023:0157-1 Rating: important References: 1211397 Cross-References: CVE-2023-32784 CVSS scores: CVE-2023-32784 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP4...
The vulnerability of the text field for entering the password of the KeePass password manager lies in the fact that user credentials are stored in an unencrypted form. This allows a hacker to retrieve the master password in its raw form.
The vulnerability of the password input field for the KeePass password managerās administrator password storage is related to the storage of user data in an unencrypted form. Exploiting this vulnerability could allow a malicious actor to retrieve the master password in its raw form...
Exploit for Cleartext Transmission of Sensitive Information in Keepass
KeePass-dump-py My attempt to re-write the original KeePass 2...
RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks
The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is tracking the activity cluster under the name Void Rabisu, which is also known as Tropical...
Exploitable and unpatched KeePass vulnerability: everything you need to know
Detect and mitigate CVE-2023-32784, a vulnerability in KeePass which allows the extraction of the master password in cleartext from the application's memory...
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
A proof-of-concept PoC has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux,...
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
A proof-of-concept PoC has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux,...
Vulnerability discovered in Keepass
A vulnerability has been discovered in Keepass v2.A local malicious party can exploit the vulnerability to retrieve the master password password. To do this, the malicious party must already have access to the local environment of the victim. The vulnerability is in how the input field of the...
KeePass vulnerability allows attackers to access the master password
KeePass is a free open source password manager, which helps you to manage your passwords and stores them in encrypted form. In fact, KeePass encrypts the whole database, i.e. not only your passwords, but also your user names, URLs, notes, etc. That encrypted database can only be opened with the...
Exploit for Cleartext Transmission of Sensitive Information in Keepass
KeePass 2.53/cmdline files and store the pid of ones with t...
SUSE CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
DEBIAN-CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
UBUNTU-CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
Design/Logic Flaw
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...