65 matches found
CVE-2024-33901
KeePassXC 2.7.7 is affected by CVE-2024-33901: an attacker with the victim’s privileges can recover some passwords stored in the .kdbx database via a memory dump. The vendor disputes the claim, citing unavoidable memory-management constraints in the current design. A Proof-of-Concept repo demonst...
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
CVE-2024-33901
Issue in KeePassXC 2.7.7 allows an attacker who has the privileges of the victim to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs...
KeePass 安全漏洞
KeePass is an open source password manager. A security vulnerability exists in KeePassXC version 2.7.7, which stems from a vulnerability that allows an attacker to recover some passwords stored in the .kdbx database...
PT-2024-25536 · Keepassxc · Keepassxc
Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker with victim privileges to recover cleartext credentials via a memory dump. It is noted that the vendor disputes this, citing memory-management constraints that make this...
KeePass 安全漏洞
KeePass is an open source password manager. A security vulnerability exists in KeePassXC version 2.7.7, which stems from a vulnerability that allows an attacker to recover plaintext credentials...
PT-2024-25537 · Keepassxc · Keepassxc
Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker, who has the privileges of the victim, to recover some passwords stored in the .kdbx database via a memory dump. The vendor disputes this, citing memory-management constraints...
ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities
ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities. Each module leverages a specific method of injecting into the target process, and then hooks internals functions to gather crendentials. The accompanying blog post ca...
The vulnerability of the Setting Handler component in the KeePassXC password manager allows attackers to circumvent existing security restrictions.
The vulnerability of the Setting Handler component in the KeePassXC password manager is related to the bypassing of security features. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...
SUSE CVE-2023-35866
In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
CVE-2023-35866
In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
CVE-2023-35866
In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
Design/Logic Flaw
DISPUTED In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
CVE-2023-35866
DISPUTED In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
UBUNTU-CVE-2023-35866
DISPUTED In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
CVE-2023-35866
In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
KeePassXC 安全漏洞
KeePass is an open source password manager. A security vulnerability exists in KeePassXC version 2.7.5 and earlier versions. An attacker can exploit the vulnerability to change database security settings...
CVE-2023-35866
KeePassXC (through 2.7.5) exposes a local-authenticated vulnerability (CVE-2023-35866) where an attacker can modify Database security settings, including master password and 2FA, without re-authenticating. The issue occurs within an authenticated KeePassXC Database session and is not contingent o...
CVE-2023-35866
In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...
CVE-2023-35866
In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or...