Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-32784
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
KeePass 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
KeePass是一款开源的密码管理器。 KeePass 2.54之前的2.x版本存在安全漏洞,该漏洞源于即使工作区被锁定或不再运行,也可以从内存转储中恢复明文主密码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2023-32784
#POC DescriptionSource LinkShenlong Link
1Original PoC for CVE-2023-32784https://github.com/vdohney/keepass-password-dumperPOC Details
2KeePass Master Password Extraction PoC for Linuxhttps://github.com/CTM1/CVE-2023-32784-keepass-linuxPOC Details
3This script complements the results obtained through the keepass-password-dumper tool when exploiting the CVE-2023-32784 vulnerability affecting KeePass.https://github.com/und3sc0n0c1d0/BruteForce-to-KeePassPOC Details
4KeePass 2.X dumper (CVE-2023-32784)https://github.com/z-jxy/keepass_dumpPOC Details
5A CVE-2023-32784 proof-of-concept implementation in Rusthttps://github.com/LeDocteurDesBits/cve-2023-32784POC Details
6Re-write of original KeePass 2.X Master Password Dumper (CVE-2023-32784) POC in python.https://github.com/hau-zy/KeePass-dump-pyPOC Details
7Retrieve the master password of a keepass database <= 2.53.1https://github.com/dawnl3ss/CVE-2023-32784POC Details
8Nonehttps://github.com/ValentinPundikov/poc-CVE-2023-32784POC Details
9Nonehttps://github.com/mister-turtle/cve-2023-32784POC Details
10year 2 semester 1 Systems and Network Programming Assignmenthttps://github.com/Cmadhushanka/CVE-2023-32784-ExploitationPOC Details
11Nonehttps://github.com/le01s/poc-CVE-2023-32784POC Details
12A Python console program that exploits the security vulnerability CVE-2023-32784 in the password manager KeePass. This exploit reconstructs the master password in plain text based on memory dumps (.DMP).https://github.com/SarahZimmermann-Schmutzler/exploit_keepassPOC Details
13Nonehttps://github.com/dev0558/CVE-2023-32784-EXPLOIT-REPORTPOC Details
14After using the KeePass password dumper maybe some character parsed as ● is incorrect and you want to know the real characterhttps://github.com/G4sp4rCS/CVE-2023-32784-password-combinator-fixerPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2023-32784
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2023-32784

No comments yet

Leave a comment