Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-10676
An issue exists in Uniqkey Password Manager 1.14. Upon entering new credentials to a site that is not registered within this product, a pop-up window will appear prompting the user if they want to save this new password. This pop-up window will persist on any page the user enters...
Uniqkey Password Manager 1.14
5.9
CVSSv3
CVE-2018-12240
The Norton Identity Safe product before 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.
Symantec Norton Password Manager
6.5
CVSSv3
CVE-2019-10845
An issue exists in Uniqkey Password Manager 1.14. When entering new credentials to a site that isn't registered within this product, a pop-up window will appear asking the user if they want to save these new credentials. The code of the pop-up window can be read and, to some...
Uniqkey Password Manager 1.14
5.5
CVSSv3
CVE-2019-12755
Norton Password Manager, before 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
Symantec Norton Password Manager
5.4
CVSSv3
CVE-2019-19461
Post-authentication Stored XSS in Team Password Manager up to and including 7.93.204 allows malicious users to steal other users' credentials by creating a shared password with HTML code as the title.
Teampasswordmanager Team Password Manager
7.5
CVSSv3
CVE-2018-18365
Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an malicious user to disguise their origin IP address in order to obfuscate the source of network traffic.
Symantec Norton Password Manager
7.5
CVSSv3
CVE-2021-44037
Team Password Manager (aka TeamPasswordManager) prior to 10.135.236 allows password-reset poisoning.
Teampasswordmanager Team Password Manager
7.8
CVSSv3
CVE-2019-14684
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an malicious user to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14687.
Trendmicro Password Manager 5.0
NA
CVE-2014-9372
Directory traversal vulnerability in the UploadAccountActivities servlet in ManageEngine Password Manager Pro (PMP) prior to 7103 allows remote malicious users to delete arbitrary files via a .. (dot dot) in a filename.
Manageengine Password Manager Pro
7.8
CVSSv3
CVE-2019-14687
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an malicious user to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684.
Trendmicro Password Manager 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »