VYPR
Vendor

PassWork

Products
1
CVEs
7
Across products
7
Status
Private

Products

1

Recent CVEs

7
  • CVE-2022-25268HigMar 23, 2022
    risk 0.57cvss 8.8epss 0.00

    Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems.

  • CVE-2022-25267HigMar 23, 2022
    risk 0.57cvss 8.8epss 0.01

    Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).

  • CVE-2023-49949HigDec 26, 2023
    risk 0.53cvss 8.1epss 0.01

    Passwork before 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes.

  • CVE-2022-42956HigNov 7, 2022
    risk 0.49cvss 7.5epss 0.00

    The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain the cleartext master password.

  • CVE-2022-42955HigNov 7, 2022
    risk 0.49cvss 7.5epss 0.00

    The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials.

  • CVE-2022-25269MedMar 23, 2022
    risk 0.40cvss 6.1epss 0.01

    Passwork On-Premise Edition before 4.6.13 has multiple XSS issues.

  • CVE-2022-25266MedMar 23, 2022
    risk 0.28cvss 4.3epss 0.01

    Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).