28 matches found
MAL-2025-192309 Malicious code in node-dpapi1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a892f37c5be6dceac9cda541ce52d7dc4456d98acbfaa7d2a1e530d181567e29 The package node-dpapi1 was found to contain malicious code. Source: ghsa-malware 96a0f4f04fbe21b39cfa4fe8473fc5394bcecce0f814fcba5f89d6f6217e523d An...
EUVD-2023-39988
Malicious code in bioql PyPI...
EUVD-2022-37672
Malicious code in bioql PyPI...
EUVD-2025-19758
Malicious code in bioql PyPI...
CVE-2025-34091 Chrome Cookie Encryption Bypass via Padding Oracle Attack on AppBound Encryption
A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the...
Web Browser Stored Credentials
Microsoft introduced the Data Protection Application Programming Interface (DPAPI) in Windows environments as a method to encrypt and decrypt sensitive data such as credentials using the…
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. "On Windows, Chrome uses the Data Protection API (DPAPI) which protects the data at rest...
Microsoft Windows Multiple Vulnerabilities (KB5033375)
This host is missing an important security update according to Microsoft KB5033375. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2023-36004
Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability...
CVE-2023-36004
CVE-2023-36004 is a Windows DPAPI spoofing vulnerability. The records indicate the DPAPI component can be abused to pretend to be another user, with high impact on confidentiality, integrity, and availability (CVSSv3.1: 7.5). Multiple sources (NVD entry and ENISA/OpenVAS listings) corroborate the...
Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
...
Delinea Thycotic Secret Server Dump
This module exports and decrypts Secret Server credentials to a CSV file; it is intended as a post-exploitation module for Windows hosts with Delinea/Thycotic Secret Server installed. Master Encryption Key (MEK) and associated IV values are decrypted from encryption.config using a static key baked...
Information disclosure
Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability...
CVE-2022-34723
CVE-2022-34723 is a Windows DPAPI information disclosure vulnerability. The provided sources indicate the issue affects Windows DPAPI with confidentiality impact and local access requirements (CVSS v3.1: 5.5, Local, Low Privileges, Low Attack Complexity). No explicit root-cause details are given ...
CVE-2022-34723 Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability
...
Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability
...
KLA19245 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
Chlonium - Chromium Cookie Import / Export Tool
Chlonium is an application designed for cloning Chromium Cookies. From Chromium 80 and upwards, cookies are encrypted using AES-256 GCM, with a state key which is stored in the Local State file. This state key is encrypted using DPAPI. This is a change from older versions, which used DPAPI to...
DonPAPI - Dumping DPAPI Credz Remotely
Dumping relevant information on compromised targets without AV detection. DPAPI dumping: Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retrieve them using: User password, Domain DPAPI BackupKey, Local machine DPAPI Key protecting TaskScheduled blob...