Lucene search
K

65 matches found

CVE
CVE
added 2024/05/20 8:21 p.m.107 views

CVE-2024-33901

KeePassXC 2.7.7 is affected by CVE-2024-33901: an attacker with the victim’s privileges can recover some passwords stored in the .kdbx database via a memory dump. The vendor disputes the claim, citing unavoidable memory-management constraints in the current design. A Proof-of-Concept repo demonst...

6.5CVSS6.4AI score0.00699EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2024/05/20 8:21 p.m.22 views

CVE-2024-33901

Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.2AI score0.00699EPSS
Exploits2References4
OSV
OSV
added 2024/05/20 8:21 p.m.14 views

CVE-2024-33901

Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...

6.5CVSS6.3AI score0.00699EPSS
Exploits2References6
CNNVD
CNNVD
added 2024/05/20 12:0 a.m.6 views

KeePass 安全漏洞

KeePass is an open source password manager. A security vulnerability exists in KeePassXC version 2.7.7, which stems from a vulnerability that allows an attacker to recover some passwords stored in the .kdbx database...

6.5CVSS6.5AI score0.00699EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.9 views

PT-2024-25536 · Keepassxc · Keepassxc

Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker with victim privileges to recover cleartext credentials via a memory dump. It is noted that the vendor disputes this, citing memory-management constraints that make this...

6.5CVSS6.8AI score0.00344EPSS
Exploits1References13
CNNVD
CNNVD
added 2024/05/20 12:0 a.m.5 views

KeePass 安全漏洞

KeePass is an open source password manager. A security vulnerability exists in KeePassXC version 2.7.7, which stems from a vulnerability that allows an attacker to recover plaintext credentials...

6.5CVSS6.7AI score0.00344EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/05/20 12:0 a.m.8 views

PT-2024-25537 · Keepassxc · Keepassxc

Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker, who has the privileges of the victim, to recover some passwords stored in the .kdbx database via a memory dump. The vendor disputes this, citing memory-management constraints...

6.5CVSS6.6AI score0.00699EPSS
Exploits2References14
Kitploit
Kitploit
added 2024/04/30 12:30 p.m.82 views

ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities

ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities. Each module leverages a specific method of injecting into the target process, and then hooks internals functions to gather crendentials. The accompanying blog post ca...

8.2AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/04/02 12:0 a.m.11 views

The vulnerability of the Setting Handler component in the KeePassXC password manager allows attackers to circumvent existing security restrictions.

The vulnerability of the Setting Handler component in the KeePassXC password manager is related to the bypassing of security features. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

5.5CVSS5.9AI score0.00239EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2023/06/20 1:13 a.m.6 views

SUSE CVE-2023-35866

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.5CVSS6.9AI score0.00239EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/19 6:15 a.m.3 views

CVE-2023-35866

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.5CVSS5.5AI score0.00239EPSS
Exploits0References7
NVD
NVD
added 2023/06/19 6:15 a.m.27 views

CVE-2023-35866

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References5
Prion
Prion
added 2023/06/19 6:15 a.m.215 views

Design/Logic Flaw

DISPUTED In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

1.7CVSS5.6AI score0.00239EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2023/06/19 6:15 a.m.37 views

CVE-2023-35866

DISPUTED In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.5CVSS7AI score0.00239EPSS
Exploits0
OSV
OSV
added 2023/06/19 6:15 a.m.6 views

UBUNTU-CVE-2023-35866

DISPUTED In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/06/19 12:0 a.m.8 views

CVE-2023-35866

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.6AI score0.00239EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/06/19 12:0 a.m.5 views

KeePassXC 安全漏洞

KeePass is an open source password manager. A security vulnerability exists in KeePassXC version 2.7.5 and earlier versions. An attacker can exploit the vulnerability to change database security settings...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References7
CVE
CVE
added 2023/06/19 12:0 a.m.399 views

CVE-2023-35866

KeePassXC (through 2.7.5) exposes a local-authenticated vulnerability (CVE-2023-35866) where an attacker can modify Database security settings, including master password and 2FA, without re-authenticating. The issue occurs within an authenticated KeePassXC Database session and is not contingent o...

5.5CVSS5.6AI score0.00239EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/06/19 12:0 a.m.36 views

CVE-2023-35866

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.5CVSS6.1AI score0.00239EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/06/19 12:0 a.m.21 views

CVE-2023-35866

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...

5.9AI score0.00239EPSS
Exploits0References5
Rows per page
Query Builder