Vulnerabilities > Keepass

DATE CVE VULNERABILITY TITLE RISK
2023-05-15 CVE-2023-32784 Cleartext Transmission of Sensitive Information vulnerability in Keepass
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running.
network
low complexity
keepass CWE-319
7.5
2023-01-22 CVE-2023-24055 Cleartext Storage of Sensitive Information vulnerability in Keepass
KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger.
local
low complexity
keepass CWE-312
5.5
2022-03-10 CVE-2022-0725 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in keepass.
network
low complexity
keepass fedoraproject CWE-532
7.5
2020-01-09 CVE-2019-20184 Improper Neutralization of Formula Elements in a CSV File vulnerability in Keepass 2.4.1
KeePass 2.4.1 allows CSV injection in the title field of a CSV export.
local
low complexity
keepass CWE-1236
7.8
2017-07-17 CVE-2017-1000066 Unspecified vulnerability in Keepass 1.32
The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information.
network
low complexity
keepass
5.0
2017-01-23 CVE-2016-5119 Improper Input Validation vulnerability in Keepass
The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.
network
high complexity
keepass CWE-20
5.1
2012-09-06 CVE-2010-5200 Unspecified vulnerability in Keepass
Untrusted search path vulnerability in KeePass Password Safe before 1.18 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .kdb file.
local
keepass
6.9
2012-09-06 CVE-2010-5196 Unspecified vulnerability in Keepass Password Safe 1.6/2.10
Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file.
local
keepass
6.9