Vendor
LastPass
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-16371 | Hig | 0.53 | 8.2 | 0.01 | Sep 16, 2019 | LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking. | ||
| CVE-2013-5113 | Med | 0.44 | 6.8 | 0.01 | Jan 31, 2020 | LastPass prior to 2.5.1 has an insecure PIN implementation. | ||
| CVE-2013-5114 | Med | 0.40 | 6.1 | 0.01 | Jan 31, 2020 | LastPass prior to 2.5.1 allows secure wipe bypass. | ||
| CVE-2020-35207 | Med | 0.37 | 5.7 | 0.00 | Dec 12, 2020 | An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker… |
- risk 0.53cvss 8.2epss 0.01
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking.
- risk 0.44cvss 6.8epss 0.01
LastPass prior to 2.5.1 has an insecure PIN implementation.
- risk 0.40cvss 6.1epss 0.01
LastPass prior to 2.5.1 allows secure wipe bypass.
- risk 0.37cvss 5.7epss 0.00
An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to be true through runtime manipulation. In other words, an attacker…