21 matches found
EUVD-2015-8261
Malware in sbrugna...
SUSE CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
UBUNTU-CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
DEBIAN-CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
CVE-2015-8378
In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...
CVE-2015-8378
KeePassX up to version 0.4.3 (before 0.4.4) exposes a cleartext copy of password data when a cancel of an XML export is performed. The result is a plaintext .xml file left in the working directory (e.g., home directory), enabling local attackers to read sensitive information. Public sources in th...
Paragon Initiative Enterprises: Missing rel=noopener noreferrer in target=_blank links (Phishing attack)
Links that use target=blank need to have rel="noopener noreferrer" in order to mitigate phishing attack opened page can change the location of page that opened him via window.opener.location = 'http://phishingsite.com/' more information about this vulnerability:...
Fedora 24 : keepassx-0.4.4-1.fc24 (2016-139a37787e)
Revert to 0.4.4 for f24+, update to 0.4.4. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...
Fedora Update for keepassx FEDORA-2016-139
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 24 Update: keepassx-0.4.4-1.fc24
KeePassX is an application for people with extremly high demands on secure personal data management. KeePassX saves many different information e.g. user names, passwords, urls, attachemts and comments in one single database. For a better management user-defined titles and icons can be specified f...
Mageia: Security Advisory (MGASA-2015-0483)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated keepassx packages fix CVE-2015-8378
Updated keepassx package fixes security vulnerability: Cancelling an export operation creates clear text copy of all of the user's KeePassX password database entries. CVE-2015-8378...
MGASA-2015-0483 Updated keepassx packages fix CVE-2015-8378
Updated keepassx package fixes security vulnerability: Cancelling an export operation creates clear text copy of all of the user's KeePassX password database entries. CVE-2015-8378...
KeePassX Security Bypass Vulnerability
KeePassX is an open source cross-platform password management tool . A security vulnerability exists in KeePassX that allows local attackers to bypass security restrictions and perform unauthorized operations...
keepassx: information disclosure
It was found that XML export function creates hidden XML file containing user passwords in plaintext without warning, when the export is canceled, which may go unnoticed by the user. In this case the password database was exported as the file .xml in the current working directory often $HOME or t...
FreeBSD : KeePassX -- information disclosure (918a5d1f-9d40-11e5-8f5c-002590263bf5)
Yves-Alexis Perez reports : Starting an export using File / Export to / KeepassX XML file and cancelling it leads to KeepassX saving a cleartext XML file in /.xml without any warning. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...