Lucene search
K

166 matches found

CNNVD
CNNVD
added 2023/01/22 12:0 a.m.4 views

KeePass 安全漏洞

KeePass is an open source password manager. A security vulnerability exists in KeePass version 2.53 and earlier versions. An attacker exploited the vulnerability to obtain plaintext passwords by adding an export trigger...

5.5CVSS6.1AI score0.03661EPSS
Exploits2References3
CVE
CVE
added 2023/01/22 12:0 a.m.192 views

CVE-2023-24055

CVE-2023-24055 affects KeePass up to version 2.53 where an attacker with write access to KeePass.config.xml can trigger an export and exfiltrate cleartext passwords. Evidence and discussion appear in NVD/NVD-derived entries, OSS advisories, Mageia MGASA-2023-0221 (fix/update discussions), OSV- MG...

5.5CVSS6AI score0.03661EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/09 12:0 a.m.4 views

PT-2022-7125 · Keepass +2 · Keepass +3

Name of the Vulnerable Software and Affected Versions: KeePass versions 2.53 and earlier KeePass through 2.53 in a default installation Description: The issue is related to the storage of critical information in an unencrypted manner. An attacker with write access to the XML configuration file ca...

7.5CVSS9.4AI score0.04655EPSS
Exploits7References46
The Hacker News
The Hacker News
added 2022/11/03 9:20 a.m.93 views

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine an...

7.1AI score
Exploits0
NVD
NVD
added 2022/11/01 7:15 p.m.27 views

CVE-2022-3781

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote...

6.5CVSS0.00434EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/11/01 12:0 a.m.3 views

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2022.3.7 and prior versions, which stems from Dashlane passwords and Keepass Server...

6.5CVSS6.6AI score0.00434EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.5 views

PT-2022-24088 · Devolutions +1 · Devolutions Remote Desktop Manager +2

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2022.2.26 and prior Devolutions Server versions 2022.3.1 and prior Description: The issue concerns the lack of encryption for Dashlane password and Keepass Server password in My Account Settings,...

6.5CVSS6.4AI score0.00434EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/10/01 12:0 a.m.8 views

08cms (=1.0.0), 1pif-to-keepass (=0.1.0) +6781 more potentially affected by CVE-2022-21222 via css-what (>=1.0.0 <=2.1.0)

css-what NPM version =1.0.0, =0.0.1, =0.1.0, =0.0.1, =0.0.0, =1.0.0, =1.0.1, =0.0.1, =2.0.0, =2.2.0 - @battlemidget/generator-nm =1.4.1 - @benzed/dev =0.9.0 and more Source cves: CVE-2022-21222 Source advisory: OSV:GHSA-P28H-CC7Q-C4FG...

7.5CVSS7AI score0.01421EPSS
Exploits1
Talos Blog
Talos Blog
added 2022/09/08 6:0 p.m.29 views

Threat Source newsletter (Sept. 8, 2022) — Why there is no one-stop-shop solution for protecting passwords

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. It seems like there’s at least one major password breach every month — if not more. Most recently, there was an incident at Plex where all users had to reset their passwords. Many users pay for a password management...

7.5AI score
Exploits0
NVD
NVD
added 2022/03/10 5:44 p.m.22 views

CVE-2022-0725

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...

7.5CVSS0.02413EPSS
Exploits1References1
OSV
OSV
added 2022/03/10 5:44 p.m.7 views

CVE-2022-0725

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...

7.5CVSS5.4AI score0.02413EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/03/10 5:44 p.m.7 views

CVE-2022-0725

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...

7.5CVSS5.4AI score0.02413EPSS
Exploits1References3
Prion
Prion
added 2022/03/10 5:44 p.m.18 views

Information disclosure

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...

5CVSS7.2AI score0.02413EPSS
Exploits1References1Affected Software3
OSV
OSV
added 2022/03/10 5:44 p.m.7 views

UBUNTU-CVE-2022-0725

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...

7.5CVSS7AI score0.02413EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

KeePass 日志信息泄露漏洞

KeePass is an open source password manager. KeePass suffers from a log information disclosure vulnerability that occurs due to recording plain text passwords in system logs and results in an information exposure vulnerability. This vulnerability allows an attacker to interact and read sensitive...

7.5CVSS7.3AI score0.02413EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/03/07 2:0 p.m.29 views

CVE-2022-0725

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs...

7.5AI score0.02413EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2022/03/07 2:0 p.m.50 views

CVE-2022-0725

Removed by vendor...

7.5CVSS7.5AI score0.02413EPSS
Exploits1
CVE
CVE
added 2022/03/07 2:0 p.m.182 views

CVE-2022-0725

CVE-2022-0725 concerns KeePass, where a flaw causes plaintext passwords to be logged in system logs, resulting in information disclosure. The root cause is logging sensitive credentials, enabling an attacker to read passwords and related logs. Connected sources confirm the vulnerability across mu...

7.5CVSS7.2AI score0.02413EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/07 12:0 a.m.12 views

PT-2022-13391 · Keepass · Keepass

Name of the Vulnerable Software and Affected Versions: KeePass affected versions not specified Description: A flaw in KeePass leads to an Information Exposure issue due to the logging of plain text passwords in the system log. This allows an attacker to interact with and read sensitive passwords...

7.5CVSS7.2AI score0.02413EPSS
Exploits1References9
GithubExploit
GithubExploit
added 2022/02/28 6:53 a.m.329 views

Exploit for Insertion of Sensitive Information into Log File in Keepass

PoC exploit for CVE-2022-0725, a vulnerability in KeePass. The t...

7.5CVSS8.2AI score0.02413EPSS
Exploits1
Rows per page
Query Builder