429 matches found
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
UBUNTU-CVE-2024-33901
DISPUTED Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic...
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
CVE-2024-33900
KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
PT-2024-25537 · Keepassxc · Keepassxc
Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker, who has the privileges of the victim, to recover some passwords stored in the .kdbx database via a memory dump. The vendor disputes this, citing memory-management constraints...
PT-2024-25536 · Keepassxc · Keepassxc
Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker with victim privileges to recover cleartext credentials via a memory dump. It is noted that the vendor disputes this, citing memory-management constraints that make this...
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component CVE-2024-29748 - A...
PT-2024-2945 · Google · Android Pixel
Name of the Vulnerable Software and Affected Versions: Android Pixel versions affected versions not specified Description: The issue is related to an Information Disclosure vulnerability due to uninitialized data. This could lead to local information disclosure with no additional execution...
CVE-2023-23349
Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...
CVE-2023-23349
Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...
CVE-2023-23349
Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...
CVE-2023-23349
CVE-2023-23349 concerns Kaspersky Password Manager (KPM) for Windows, specifically when using the Google Chrome extension. A local attacker can potentially recover auto-filled credentials from a memory dump after the extension autofills them on a login form. Exploitation requires the user to be t...
Delinea PAM Secret Server Information Disclosure Vulnerability
Delinea PAM Secret Server is a key service manager from Delinea. An information disclosure vulnerability exists in Delinea PAM Secret Server version 11.4, which can be exploited by an attacker to read data from a memory dump...
CVE-2024-25649
In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...
CVE-2024-25649
In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...
CVE-2024-25649
CVE-2024-25649 affects Delinea PAM Secret Server 11.4. An attacker with Administrator access to the Secret Server machine can read from a memory dump: the decrypted master key, database credentials (when SQL Server Authentication is enabled), the RabbitMQ queue messages encryption key, and sessio...
CVE-2024-25649
In Delinea PAM Secret Server 11.4, it is possible for an attacker with Administrator access to the Secret Server machine to read the following data from a memory dump: the decrypted master key, database credentials when SQL Server Authentication is enabled, the encryption key of RabbitMQ queue...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...