Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-10884
Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing c...
Uniqkey Password Manager 1.14
6.4
CVSSv2
CVE-2014-9372
Directory traversal vulnerability in the UploadAccountActivities servlet in ManageEngine Password Manager Pro (PMP) prior to 7103 allows remote malicious users to delete arbitrary files via a .. (dot dot) in a filename.
Manageengine Password Manager Pro
4.3
CVSSv2
CVE-2018-18362
Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable malicious users to inject client-side scripts into web pages viewed by other users. A cross-site scripting vuln...
Symantec Norton Password Manager
5
CVSSv2
CVE-2021-44037
Team Password Manager (aka TeamPasswordManager) prior to 10.135.236 allows password-reset poisoning.
Teampasswordmanager Team Password Manager
4.3
CVSSv2
CVE-2018-12240
The Norton Identity Safe product before 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.
Symantec Norton Password Manager
6.5
CVSSv2
CVE-2014-8499
Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition prior to 7.1 build 7105 allow remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parameter to (1) SQLAdv...
Manageengine Password Manager Pro
1 EDB exploit
6.8
CVSSv2
CVE-2021-44036
Team Password Manager (aka TeamPasswordManager) prior to 10.135.236 has a CSRF vulnerability during import.
Teampasswordmanager Team Password Manager
6.8
CVSSv2
CVE-2019-14687
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an malicious user to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.
Trendmicro Password Manager 5.0
2.1
CVSSv2
CVE-2019-12755
Norton Password Manager, before 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
Symantec Norton Password Manager
4.3
CVSSv2
CVE-2019-10845
An issue exists in Uniqkey Password Manager 1.14. When entering new credentials to a site that isn't registered within this product, a pop-up window will appear asking the user if they want to save these new credentials. The code of the pop-up window can be read and, to some...
Uniqkey Password Manager 1.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »