CVE-2023-32784
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-32784
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
KeePass 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
KeePass是一款开源的密码管理器。 KeePass 2.54之前的2.x版本存在安全漏洞,该漏洞源于即使工作区被锁定或不再运行,也可以从内存转储中恢复明文主密码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2023-32784
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Original PoC for CVE-2023-32784 | https://github.com/vdohney/keepass-password-dumper | POC Details |
| 2 | KeePass Master Password Extraction PoC for Linux | https://github.com/CTM1/CVE-2023-32784-keepass-linux | POC Details |
| 3 | This script complements the results obtained through the keepass-password-dumper tool when exploiting the CVE-2023-32784 vulnerability affecting KeePass. | https://github.com/und3sc0n0c1d0/BruteForce-to-KeePass | POC Details |
| 4 | KeePass 2.X dumper (CVE-2023-32784) | https://github.com/z-jxy/keepass_dump | POC Details |
| 5 | A CVE-2023-32784 proof-of-concept implementation in Rust | https://github.com/LeDocteurDesBits/cve-2023-32784 | POC Details |
| 6 | Re-write of original KeePass 2.X Master Password Dumper (CVE-2023-32784) POC in python. | https://github.com/hau-zy/KeePass-dump-py | POC Details |
| 7 | Retrieve the master password of a keepass database <= 2.53.1 | https://github.com/dawnl3ss/CVE-2023-32784 | POC Details |
| 8 | None | https://github.com/ValentinPundikov/poc-CVE-2023-32784 | POC Details |
| 9 | None | https://github.com/mister-turtle/cve-2023-32784 | POC Details |
| 10 | year 2 semester 1 Systems and Network Programming Assignment | https://github.com/Cmadhushanka/CVE-2023-32784-Exploitation | POC Details |
| 11 | None | https://github.com/le01s/poc-CVE-2023-32784 | POC Details |
| 12 | A Python console program that exploits the security vulnerability CVE-2023-32784 in the password manager KeePass. This exploit reconstructs the master password in plain text based on memory dumps (.DMP). | https://github.com/SarahZimmermann-Schmutzler/exploit_keepass | POC Details |
| 13 | None | https://github.com/dev0558/CVE-2023-32784-EXPLOIT-REPORT | POC Details |
| 14 | After using the KeePass password dumper maybe some character parsed as ● is incorrect and you want to know the real character | https://github.com/G4sp4rCS/CVE-2023-32784-password-combinator-fixer | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-32784
请登录查看更多情报信息。
Same Patch Batch · n/a · 2023-05-15 · 54 CVEs total
| CVE-2023-2124 | Linux kernel 缓冲区错误漏洞 | |
| CVE-2023-1729 | Libraw 缓冲区错误漏洞 | |
| CVE-2023-21104 | Google Android 安全漏洞 | |
| CVE-2023-20930 | Google Android 资源管理错误漏洞 | |
| CVE-2023-21102 | Google Android 安全漏洞 | |
| CVE-2023-21103 | Google Android 安全漏洞 | |
| CVE-2023-20914 | Google Android 安全漏洞 | |
| CVE-2023-21116 | Google Android 安全漏洞 | |
| CVE-2023-21117 | Google Android 安全漏洞 | |
| CVE-2023-21118 | Google Android 缓冲区错误漏洞 | |
| CVE-2023-21112 | Google Android 缓冲区错误漏洞 | |
| CVE-2023-2700 | Red Hat libvirt 安全漏洞 | |
| CVE-2023-30245 | Judging Management System SQL注入漏洞 | |
| CVE-2023-29861 | Teledyne FLIR FLIR-DVTEL camera 安全漏洞 | |
| CVE-2023-31607 | Virtuoso Open-Source Edition SQL注入漏洞 | |
| CVE-2023-31608 | Virtuoso Open-Source Edition SQL注入漏洞 | |
| CVE-2023-31609 | Virtuoso Open-Source Edition SQL注入漏洞 | |
| CVE-2023-31610 | Virtuoso Open-Source Edition SQL注入漏洞 | |
| CVE-2023-31611 | Virtuoso Open-Source Edition SQL注入漏洞 | |
| CVE-2023-31612 | Virtuoso Open-Source Edition SQL注入漏洞 |
Showing top 20 of 54 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2023-32784
No comments yet