16 matches found
CVE-2020-37178 KeePass 2.44 - Denial of Service (PoC)
KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash...
CVE-2019-20184
KeePass 2.4.1 allows CSV injection in the title field of a CSV export...
EUVD-2010-5159
Malware in sbrugna...
EUVD-2016-6070
Malware in sbrugna...
EUVD-2010-5155
Malware in sbrugna...
EUVD-2022-15794
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-32784
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. Th...
CVE-2023-24055
KeePass through 2.53 in a default installation allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has...
openSUSE 15 Security Update : keepass (openSUSE-SU-2023:0157-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2023:0157-1 advisory. - In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer...
KeePass vulnerability allows attackers to access the master password
KeePass is a free open source password manager, which helps you to manage your passwords and stores them in encrypted form. In fact, KeePass encrypts the whole database, i.e. not only your passwords, but also your user names, URLs, notes, etc. That encrypted database can only be opened with the...
SUSE CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
PT-2023-3057
Name of the Vulnerable Software and Affected Versions: KeePass versions prior to 2.54 Description: An issue exists in the password manager's password input text field where credentials may be stored in unencrypted form. This could allow a remote attacker to recover the master password in cleartext...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...
PT-2022-13391 · Keepass · Keepass
Name of the Vulnerable Software and Affected Versions: KeePass affected versions not specified Description: A flaw in KeePass leads to an Information Exposure issue due to the logging of plain text passwords in the system log. This allows an attacker to interact with and read sensitive passwords...
CVE-2019-20184
KeePass 2.4.1 allows CSV injection in the title field of a CSV export...
CVE-2016-5119
The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update...