CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2010-5196
https://notcve.org/view.php?id=CVE-2010-5196
Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ruta de búsqueda no confiable en KeePass Password Safe anterior a v2.13 permite a usuarios locales obtener privilegios a través de un archivo dwmapi.dll caballo de troya en el directorio de trabajo actual, como lo demuestra un directorio que contiene un archivo Kdbx. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros • http://secunia.com/advisories/41167 http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list http://www.keepass.info/news/n100906_2.13.html •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0984
https://notcve.org/view.php?id=CVE-2001-0984
Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password database on minimize and prompt on restore" options enabled, which could allow an attacker with access to the memory (e.g. an administrator) to read the passwords. • http://www.securityfocus.com/archive/1/213931 http://www.securityfocus.com/bid/3337 https://exchange.xforce.ibmcloud.com/vulnerabilities/7123 •