Lucene search
K

429 matches found

NVD
NVD
added 2024/05/20 9:15 p.m.16 views

CVE-2024-33901

Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.5CVSS6.2AI score0.00699EPSS
Exploits2References4
OSV
OSV
added 2024/05/20 9:15 p.m.5 views

UBUNTU-CVE-2024-33901

DISPUTED Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic...

6.5CVSS5.8AI score0.00699EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2024/05/20 9:15 p.m.18 views

CVE-2024-33901

Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.5CVSS5.9AI score0.00699EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/05/20 8:29 p.m.22 views

CVE-2024-33900

KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.4AI score0.00344EPSS
Exploits1References4
OSV
OSV
added 2024/05/20 8:21 p.m.13 views

CVE-2024-33901

Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.5CVSS6.3AI score0.00699EPSS
Exploits2References6
Cvelist
Cvelist
added 2024/05/20 8:21 p.m.20 views

CVE-2024-33901

Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.2AI score0.00699EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.7 views

PT-2024-25537 · Keepassxc · Keepassxc

Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker, who has the privileges of the victim, to recover some passwords stored in the .kdbx database via a memory dump. The vendor disputes this, citing memory-management constraints...

6.5CVSS6.6AI score0.00699EPSS
Exploits2References14
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.9 views

PT-2024-25536 · Keepassxc · Keepassxc

Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker with victim privileges to recover cleartext credentials via a memory dump. It is noted that the vendor disputes this, citing memory-management constraints that make this...

6.5CVSS6.8AI score0.00344EPSS
Exploits1References13
The Hacker News
The Hacker News
added 2024/04/03 4:10 p.m.73 views

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component CVE-2024-29748 - A...

9.2AI score0.0068EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/04/02 12:0 a.m.4 views

PT-2024-2945 · Google · Android Pixel

Name of the Vulnerable Software and Affected Versions: Android Pixel versions affected versions not specified Description: The issue is related to an Information Disclosure vulnerability due to uninitialized data. This could lead to local information disclosure with no additional execution...

5.5CVSS7.7AI score0.00482EPSS
Exploits0References38
NVD
NVD
added 2024/03/22 5:15 p.m.17 views

CVE-2023-23349

Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...

2.2CVSS3.2AI score0.00093EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/22 4:15 p.m.11 views

CVE-2023-23349

Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...

2.2CVSS6.4AI score0.00093EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/22 4:15 p.m.15 views

CVE-2023-23349

Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...

2.2CVSS3.7AI score0.00093EPSS
Exploits0References1
CVE
CVE
added 2024/03/22 4:15 p.m.81 views

CVE-2023-23349

CVE-2023-23349 concerns Kaspersky Password Manager (KPM) for Windows, specifically when using the Google Chrome extension. A local attacker can potentially recover auto-filled credentials from a memory dump after the extension autofills them on a login form. Exploitation requires the user to be t...

2.2CVSS6.2AI score0.00093EPSS
Exploits0References1
CNVD
CNVD
added 2024/03/18 12:0 a.m.20 views

Delinea PAM Secret Server Information Disclosure Vulnerability

Delinea PAM Secret Server is a key service manager from Delinea. An information disclosure vulnerability exists in Delinea PAM Secret Server version 11.4, which can be exploited by an attacker to read data from a memory dump...

6.7CVSS6.2AI score0.00076EPSS
Exploits0References1
OSV
OSV
added 2024/03/14 3:15 a.m.4 views

CVE-2024-25649

In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...

6.7CVSS5.8AI score0.00076EPSS
Exploits0References1
NVD
NVD
added 2024/03/14 3:15 a.m.69 views

CVE-2024-25649

In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...

6.7CVSS7AI score0.00076EPSS
Exploits0References1
CVE
CVE
added 2024/03/14 12:0 a.m.62 views

CVE-2024-25649

CVE-2024-25649 affects Delinea PAM Secret Server 11.4. An attacker with Administrator access to the Secret Server machine can read from a memory dump: the decrypted master key, database credentials (when SQL Server Authentication is enabled), the RabbitMQ queue messages encryption key, and sessio...

6.7CVSS7.3AI score0.00076EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/14 12:0 a.m.26 views

CVE-2024-25649

In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...

7.3AI score0.00076EPSS
Exploits0References1
Prion
Prion
added 2024/03/11 6:15 p.m.38 views

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...

7.2AI score0.00294EPSS
Exploits1References6
Rows per page
Query Builder