Vulnerabilities > Keepass
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-15 | CVE-2023-32784 | Cleartext Transmission of Sensitive Information vulnerability in Keepass In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. | 7.5 |
| 2023-01-22 | CVE-2023-24055 | Cleartext Storage of Sensitive Information vulnerability in Keepass KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. | 5.5 |
| 2022-03-10 | CVE-2022-0725 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in keepass. | 7.5 |
| 2020-01-09 | CVE-2019-20184 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Keepass 2.4.1 KeePass 2.4.1 allows CSV injection in the title field of a CSV export. | 7.8 |
| 2017-07-17 | CVE-2017-1000066 | Unspecified vulnerability in Keepass 1.32 The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information. | 7.5 |
| 2017-01-23 | CVE-2016-5119 | Improper Input Validation vulnerability in Keepass The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update. | 7.5 |