Lucene search
K

142 matches found

CVE
CVE
added 2022/03/21 12:59 p.m.80 views

CVE-2022-25570

Technical details (versions, root cause, impact, and fixes) are not publicly provided in the connected documents; monitor for updates.

6.5CVSS6.5AI score0.00807EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/03/21 12:0 a.m.6 views

Click Studios Passwordstate 代码问题漏洞

Click Studios Passwordstate passwordstate is a password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. Click Studios Passwordstate is a password management...

6.5CVSS6.6AI score0.00807EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2021/04/30 7:24 a.m.45 views

Passwordstate Warns of Ongoing Phishing Attacks Following Data Breach

Click Studios, the Australian software firm which confirmed a supply chain attack affecting its Passwordstate password management application, has warned customers of an ongoing phishing attack by an unknown threat actor. "We have been advised a bad actor has commenced a phishing attack with a...

1.4AI score
Exploits0
NCSC
NCSC
added 2021/04/26 12:0 a.m.6 views

Update mechanism Passwordstate compromised

Click Studios, the manufacturer of Passwordstate, has announced announced that its automatic update mechanism has been abused to offer malicious files for download. If you meet these criteria: - you are currently using version 9.1 build 9117, - Passwordstate applies updates automatically, - and t...

6.7AI score
Exploits0
HackRead
HackRead
added 2021/04/25 9:29 p.m.56 views

PasswordState password manager’s update hijacked to drop malware

By Habiba Rashid The customers were warned through an email that confirmed that the PasswordState software update feature had been compromised. This is a post from HackRead.com Read the original post: PasswordState password managers update hijacked to drop malware...

2.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/24 8:9 a.m.83 views

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs

Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update...

0.4AI score
Exploits0
OSV
OSV
added 2020/10/29 6:15 p.m.5 views

CVE-2020-27747

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

6.8CVSS6.7AI score0.01091EPSS
Exploits0References2
Prion
Prion
added 2020/10/29 6:15 p.m.20 views

Code injection

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

2.1CVSS6.7AI score0.01091EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/10/29 5:26 p.m.40 views

CVE-2020-27747

CVE-2020-27747 concerns Click Studios Passwordstate 8.9 (Build 8973). The issue: if a user set a 4‑digit PIN via the mobile built‑in generator, a remote attacker can brute‑force the PIN, potentially exposing all passwords accessible to the affected account. The available documents describe the af...

6.8CVSS6.6AI score0.01091EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/29 5:26 p.m.25 views

CVE-2020-27747

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

6.7AI score0.01091EPSS
Exploits0References2
CNVD
CNVD
added 2020/10/20 12:0 a.m.2 views

ClickStudios Passwordstate Authorization Issues Vulnerability

clickstudios passwordstate passwordstate is a password management software from clickstudios Australia. The program provides users with a password saving feature, where users can record their various accounts and passwords, and the software will also ensure the security of the accounts and...

7.5CVSS6.8AI score0.04456EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2020/10/05 2:52 p.m.163 views

Exploit for Missing Authentication for Critical Function in Clickstudios Passwordstate

CVE-2020-26061 ClickStudios Passwordstate Password Reset Por...

7.5CVSS7.7AI score0.04456EPSS
Exploits2
OSV
OSV
added 2020/10/05 2:15 p.m.5 views

CVE-2020-26061

ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted...

7.5CVSS5.8AI score0.04456EPSS
Exploits2References2
NVD
NVD
added 2020/10/05 2:15 p.m.20 views

CVE-2020-26061

ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted...

7.5CVSS0.04456EPSS
Exploits2References2
Prion
Prion
added 2020/10/05 2:15 p.m.18 views

Authentication flaw

ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted...

5CVSS7.8AI score0.04456EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2020/10/05 1:43 p.m.51 views

CVE-2020-26061

The CVE concerns ClickStudios Passwordstate (password manager) prior to 8.5 build 8501. The ResetPassword function does not verify whether the user is authenticated via security questions, allowing an unauthenticated, remote attacker to send a crafted HTTP request to /account/ResetPassword to set...

7.5CVSS7.8AI score0.04456EPSS
Exploits2References2Affected Software1
CNVD
CNVD
added 2018/08/08 12:0 a.m.6 views

Click Studios Passwordstate Cross-Site Scripting Vulnerability

Click Studios Passwordstate is a web-based password manager from Click Studios Australia. A cross-site scripting vulnerability exists in versions prior to Click Studios Passwordstate 8.3 Build 8397. The vulnerability can be exploited by remote attackers to inject arbitrary web script or HTML via ...

5.4CVSS5.3AI score0.00526EPSS
Exploits0References1
OSV
OSV
added 2018/08/01 6:29 a.m.3 views

CVE-2018-14776

Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document...

5.4CVSS5.8AI score0.00526EPSS
Exploits0References2
Prion
Prion
added 2018/08/01 6:29 a.m.15 views

Hardcoded credentials

Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document...

3.5CVSS5.1AI score0.00526EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/08/01 6:29 a.m.22 views

CVE-2018-14776

Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document...

5.4CVSS5.2AI score0.00526EPSS
Exploits0References2
Rows per page
Query Builder