Lucene search
K

142 matches found

CVE
CVE
added 2024/11/29 12:0 a.m.52 views

CVE-2024-54124

Affected software: Click Studios Passwordstate prior to build 9920. Issue: potential permission escalation on the edit folder screen due to a root cause described in CVE-2024-54124. Impact: high (CVSS 3.1 base score 8.8) with full confidentiality, integrity, and availability impact; attack vector...

8.8CVSS7.2AI score0.00394EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/29 12:0 a.m.21 views

CVE-2024-54124

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen...

0.00394EPSS
Exploits0References2
NVD
NVD
added 2024/06/24 12:15 a.m.23 views

CVE-2024-39337

Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass...

6.5CVSS0.0031EPSS
Exploits0References2
CVE
CVE
added 2024/06/23 12:0 a.m.50 views

CVE-2024-39337

CVE-2024-39337 affects Click Studios Passwordstate Core prior to 9.8 build 9858, where an authentication bypass is possible. The vulnerability allows bypassing authentication via network access with no user interaction required; CVSS v3.1 base score 6.5 (Confidentiality/Integrity impact: Low). Re...

6.5CVSS6.9AI score0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/23 12:0 a.m.3 views

PT-2024-28455

Name of the Vulnerable Software and Affected Versions: Click Studios Passwordstate Core versions prior to 9.8 build 9858 Description: The issue allows for authentication bypass. Recommendations: For versions prior to 9.8 build 9858, update to version 9.8 build 9858 or later to resolve the issue...

6.5CVSS6.8AI score0.0031EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/06/23 12:0 a.m.22 views

CVE-2024-39337

Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass...

0.0031EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/23 12:0 a.m.15 views

CVE-2024-39337

Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass...

7.2AI score0.0031EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/23 12:0 a.m.4 views

Click Studios Passwordstate Security Breach

Click Studios Passwordstate passwordstate is a password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. Click Studios Passwordstate Core is a password...

6.5CVSS6.9AI score0.0031EPSS
Exploits0References2
OSV
OSV
added 2023/11/13 9:15 a.m.4 views

CVE-2023-47801

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

4.7CVSS5.8AI score0.00439EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/11/13 9:15 a.m.4 views

CVE-2023-47801

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

4.7CVSS5.8AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2023/11/13 9:15 a.m.23 views

CVE-2023-47801

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

4.7CVSS0.00439EPSS
Exploits0References1
Prion
Prion
added 2023/11/13 9:15 a.m.31 views

Default credentials

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

5.8CVSS7.3AI score0.00439EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/13 12:0 a.m.10 views

CVE-2023-47801

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

7.1AI score0.00439EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/13 12:0 a.m.4 views

Click Studios Passwordstate Security Breach

Click Studios Passwordstate passwordstate is a password management software from the Click Studios team in Australia. The program provides users with the ability to save their passwords, record their accounts and passwords, and keep them safe. This program provides you with the ability to save yo...

4.7CVSS6.7AI score0.00439EPSS
Exploits0References2
CVE
CVE
added 2023/11/13 12:0 a.m.36 views

CVE-2023-47801

CVE-2023-47801 affects Click Studios Passwordstate prior to 9811. The issue allows existing Security Administrators to misuse the System Wide API Key (when used with the PasswordHistory endpoint) to read or delete private password records, and to misuse the Copy/Move Password Record API Key to co...

4.7CVSS4.8AI score0.00439EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/13 12:0 a.m.23 views

CVE-2023-47801

An issue was discovered in Click Studios Passwordstate before 9811. Existing users Security Administrators could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password...

5.1AI score0.00439EPSS
Exploits0References1
OSV
OSV
added 2023/10/31 9:15 p.m.4 views

CVE-2023-43295

Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...

3.5CVSS6.1AI score0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/10/31 9:15 p.m.6 views

CVE-2023-43295

Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...

3.5CVSS6.2AI score0.0024EPSS
Exploits0References2
NVD
NVD
added 2023/10/31 9:15 p.m.24 views

CVE-2023-43295

Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...

3.5CVSS4.7AI score0.0024EPSS
Exploits0References1
Prion
Prion
added 2023/10/31 9:15 p.m.17 views

Cross site request forgery (csrf)

Cross Site Request Forgery vulnerability in Click Studios SA Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request...

3.5CVSS4.9AI score0.0024EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder