Vulnerabilities > Keepass > Medium

| Date | CVE | Vulnerability title | Description | Access | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-01-22 | CVE-2023-24055 | Cleartext Storage of Sensitive Information vulnerability in Keepass | KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. | local | low complexity | keepass | CWE-312 | 5.5 |
| 2017-07-17 | CVE-2017-1000066 | Unspecified vulnerability in Keepass 1.32 | The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information. | network | low complexity | keepass | | 5.0 |
| 2017-01-23 | CVE-2016-5119 | Improper Input Validation vulnerability in Keepass | The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update. | network | high complexity | keepass | CWE-20 | 5.1 |
| 2012-09-06 | CVE-2010-5200 | Unspecified vulnerability in Keepass | Untrusted search path vulnerability in KeePass Password Safe before 1.18 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .kdb file. | local | | keepass | | 6.9 |
| 2012-09-06 | CVE-2010-5196 | Unspecified vulnerability in Keepass Password Safe 1.6/2.10 | Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. | local | | keepass | | 6.9 |