CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-15629
https://notcve.org/view.php?id=CVE-2019-15629
25 Nov 2019 — Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is affected by a FLAG_MISUSE vulnerability that could be exploited to allow the application to share information to third-party applications on the device. Trend Micro Password Manager versiones 3.x, 5.0 y 5.1 para Android, están afectadas por una vulnerabilidad FLAG_MISUSE que podría ser explotada para permitir a la aplicación compartir información con aplicaciones de terceros en el dispositivo. • https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124012.aspx •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14687
https://notcve.org/view.php?id=CVE-2019-14687
20 Aug 2019 — A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14684. Existe una vulnerabilidad de secuestro de DLL en Trend Micro Password Manager 5.0 en el que, si se explota, permitiría a un atacante cargar una DLL arbitraria sin firmar en el proceso del servicio firmado. Este proceso es muy similar, pero no idéntico al ... • https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14684
https://notcve.org/view.php?id=CVE-2019-14684
20 Aug 2019 — A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. This process is very similar, yet not identical to CVE-2019-14687. Existe una vulnerabilidad de secuestro de DLL en Trend Micro Password Manager 5.0 en el que, si se explota, permitiría a un atacante cargar una DLL arbitraria sin firmar en el proceso del servicio firmado. Este proceso es muy similar, pero no idéntico al ... • https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123396.aspx • CWE-427: Uncontrolled Search Path Element •
CVSS: 3.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-9700
https://notcve.org/view.php?id=CVE-2019-9700
16 Jul 2019 — Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. Norton Password Manager, anterior a versión 6.3.0.2082, puede ser susceptible a un problema de suplantación de direcciones. Este clase de problema puede permitir a un atacante disfrazar su dirección IP de origen para ofuscar la fuente del tráfico de la red. • https://support.symantec.com/us/en/article.SYMSA1483.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10884
https://notcve.org/view.php?id=CVE-2019-10884
05 Apr 2019 — Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security. Uniqkey Password Manager 1.14 contiene una vulnerabilidad porque no reconoce correctamente la diferencia entre los dominios y subdominios. Esta vulnerabilidad significa que las contrase... • https://vuldb.com/?id.133069 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2019-10676 – Uniqkey Password Manager 1.14 Credential Disclosure
https://notcve.org/view.php?id=CVE-2019-10676
05 Apr 2019 — An issue was discovered in Uniqkey Password Manager 1.14. Upon entering new credentials to a site that is not registered within this product, a pop-up window will appear prompting the user if they want to save this new password. This pop-up window will persist on any page the user enters within the browser until a decision is made. The code of the pop-up window can be read by remote servers and contains the login credentials and URL in cleartext. A malicious server could easily grab this information from th... • https://cxsecurity.com/issue/WLB-2019040055 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2019-10845 – Uniqkey Password Manager 1.14 Denial of Service
https://notcve.org/view.php?id=CVE-2019-10845
05 Apr 2019 — An issue was discovered in Uniqkey Password Manager 1.14. When entering new credentials to a site that isn't registered within this product, a pop-up window will appear asking the user if they want to save these new credentials. The code of the pop-up window can be read and, to some extent, manipulated by remote servers. This pop-up window will stay on any page the user visits within the browser until a decision is made. A malicious web server can forcefully manipulate the pop-up and cause it not to appear,... • http://packetstormsecurity.com/files/152452/Uniqkey-Password-Manager-1.14-Denial-Of-Service.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6306
https://notcve.org/view.php?id=CVE-2018-6306
19 Apr 2018 — Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. Ejecución de código no autorizado de un DLL específico, conocido como ataque de secuestro de DLL, en las versiones anteriores a la 8.0.6.538 de Kaspersky Password Manager. • https://support.kaspersky.com/vulnerability.aspx?el=12430#120418 • CWE-426: Untrusted Search Path •