166 matches found
KeePass 安全漏洞
KeePass is an open source password manager. A security vulnerability exists in KeePass version 2.53 and earlier versions. An attacker exploited the vulnerability to obtain plaintext passwords by adding an export trigger...
CVE-2023-24055
CVE-2023-24055 affects KeePass up to version 2.53 where an attacker with write access to KeePass.config.xml can trigger an export and exfiltrate cleartext passwords. Evidence and discussion appear in NVD/NVD-derived entries, OSS advisories, Mageia MGASA-2023-0221 (fix/update discussions), OSV- MG...
PT-2022-7125 · Keepass +2 · Keepass +3
Name of the Vulnerable Software and Affected Versions: KeePass versions 2.53 and earlier KeePass through 2.53 in a default installation Description: The issue is related to the storage of critical information in an unencrypted manner. An attacker with write access to the XML configuration file ca...
Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT
The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine an...
CVE-2022-3781
Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote...
Devolutions Remote Desktop Manager 安全漏洞
Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2022.3.7 and prior versions, which stems from Dashlane passwords and Keepass Server...
PT-2022-24088 · Devolutions +1 · Devolutions Remote Desktop Manager +2
Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2022.2.26 and prior Devolutions Server versions 2022.3.1 and prior Description: The issue concerns the lack of encryption for Dashlane password and Keepass Server password in My Account Settings,...
08cms (=1.0.0), 1pif-to-keepass (=0.1.0) +6781 more potentially affected by CVE-2022-21222 via css-what (>=1.0.0 <=2.1.0)
css-what NPM version =1.0.0, =0.0.1, =0.1.0, =0.0.1, =0.0.0, =1.0.0, =1.0.1, =0.0.1, =2.0.0, =2.2.0 - @battlemidget/generator-nm =1.4.1 - @benzed/dev =0.9.0 and more Source cves: CVE-2022-21222 Source advisory: OSV:GHSA-P28H-CC7Q-C4FG...
Threat Source newsletter (Sept. 8, 2022) — Why there is no one-stop-shop solution for protecting passwords
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. It seems like there’s at least one major password breach every month — if not more. Most recently, there was an incident at Plex where all users had to reset their passwords. Many users pay for a password management...
CVE-2022-0725
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
CVE-2022-0725
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
CVE-2022-0725
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
Information disclosure
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
UBUNTU-CVE-2022-0725
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
KeePass 日志信息泄露漏洞
KeePass is an open source password manager. KeePass suffers from a log information disclosure vulnerability that occurs due to recording plain text passwords in system logs and results in an information exposure vulnerability. This vulnerability allows an attacker to interact and read sensitive...
CVE-2022-0725
A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...
CVE-2022-0725
Removed by vendor...
CVE-2022-0725
CVE-2022-0725 concerns KeePass, where a flaw causes plaintext passwords to be logged in system logs, resulting in information disclosure. The root cause is logging sensitive credentials, enabling an attacker to read passwords and related logs. Connected sources confirm the vulnerability across mu...
PT-2022-13391 · Keepass · Keepass
Name of the Vulnerable Software and Affected Versions: KeePass affected versions not specified Description: A flaw in KeePass leads to an Information Exposure issue due to the logging of plain text passwords in the system log. This allows an attacker to interact with and read sensitive passwords...
Exploit for Insertion of Sensitive Information into Log File in Keepass
PoC exploit for CVE-2022-0725, a vulnerability in KeePass. The t...