Lucene search
K

142 matches found

CVE
CVE
added 2025/09/16 12:0 a.m.25 views

CVE-2025-59453

CVE-2025-59453 affects Click Studios Passwordstate before 9.9 Build 9972. A crafted URL during the Emergency Access page can bypass authentication and grant access to the Passwordstate Administration section. Root cause: likely an authentication bypass in the Emergency Access workflow. Affected p...

3.2CVSS6.7AI score0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.6 views

PT-2025-37865

Name of the Vulnerable Software and Affected Versions: Passwordstate versions prior to 9.9 Build 9972 Description: Passwordstate emergency access may be bypassed by using a crafted URL while on the Emergency Access web page, potentially granting unauthorized access to the Administration section...

3.2CVSS6.4AI score0.00145EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/16 12:0 a.m.10 views

CVE-2025-59453

Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for Passwordstate emergency access. By using a crafted URL while on the Emergency Access web page, an unauthorized person can gain access to the Passwordstate Administration section...

3.2CVSS0.00145EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/08/29 9:58 a.m.3 views

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The high-severity issue, which is yet to be assigned a CVE identifier, has been addressed in...

7.5CVSS7.8AI score0.00968EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 6:45 a.m.23 views

CVE-2024-54124

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen...

8.8CVSS7.1AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.10 views

CVE-2023-47801

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

4.7CVSS6.9AI score0.00439EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:25 a.m.8 views

CVE-2022-25570

In Click Studios SA Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain access to additional password lists without permissions. Specifically, an authenticated user who has write permissions to a password list in one folder with the default permission model can extend his...

6.5CVSS7AI score0.00807EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:45 a.m.7 views

CVE-2022-4612

A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. This vulnerability affects unknown code. The manipulation leads to insufficiently protected credentials. The attack can be initiated remotely. The exploit has be...

6.5CVSS6.8AI score0.00853EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:34 a.m.8 views

CVE-2022-4610

A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this...

5.5CVSS6.9AI score0.00238EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:28 a.m.7 views

CVE-2022-4613

A vulnerability was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as critical. This issue affects some unknown processing of the component Browser Extension Provisioning. The manipulation leads to improper authorization. The attack may be initiated...

6.5CVSS6.9AI score0.00726EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:20 a.m.11 views

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

5.3CVSS6.9AI score0.01225EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:13 p.m.7 views

CVE-2022-3877

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross site scripting. It is possible to launch the attack...

5.4CVSS6.3AI score0.00636EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.9 views

CVE-2022-3876

A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This issue affects some unknown processing of the file /api/browserextension/UpdatePassword/ of the component API. The manipulation of the argument...

6.5CVSS7AI score0.00844EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 p.m.8 views

CVE-2020-27747

An issue was discovered in Click Studios Passwordstate 8.9 Build 8973.If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator 4 digits, a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As resul...

6.8CVSS7.2AI score0.01091EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:1 a.m.6 views

CVE-2018-14776

Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document...

5.4CVSS5.9AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:51 a.m.9 views

CVE-2022-3875

A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely...

7.5CVSS7.4AI score0.00968EPSS
Exploits1
NVD
NVD
added 2024/11/29 4:15 a.m.15 views

CVE-2024-54124

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen...

8.8CVSS0.00394EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/29 12:0 a.m.11 views

CVE-2024-54124

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen...

7.1AI score0.00394EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/29 12:0 a.m.4 views

Click Studios Passwordstate 安全漏洞

Click Studios Passwordstate passwordstate is a password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. This program offers you the possibility to keep a...

8.8CVSS6.9AI score0.00394EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.21 views

CVE-2024-54124

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen...

0.00394EPSS
Exploits0References2
Rows per page
Query Builder