) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:teampass:teampass:2.1.4:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-3565 |
Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Published: July 10, 2023; 12:15:56 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-3553 |
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Published: July 08, 2023; 5:15:43 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-3552 |
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Published: July 08, 2023; 5:15:43 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-3551 |
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Published: July 08, 2023; 5:15:42 AM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2023-3531 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Published: July 06, 2023; 4:15:09 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-3191 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: June 10, 2023; 5:15:09 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-3190 |
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: June 10, 2023; 5:15:09 AM -0400 |
V3.1: 4.6 MEDIUM V2.0:(not available) |
| CVE-2023-3095 |
Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: June 04, 2023; 7:15:09 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-3086 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: June 03, 2023; 8:15:09 AM -0400 |
V3.1: 9.0 CRITICAL V2.0:(not available) |
| CVE-2023-3084 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: June 03, 2023; 7:15:20 AM -0400 |
V3.1: 8.1 HIGH V2.0:(not available) |
| CVE-2023-3083 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: June 03, 2023; 4:15:08 AM -0400 |
V3.1: 8.7 HIGH V2.0:(not available) |
| CVE-2023-3009 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: May 31, 2023; 9:15:10 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-2859 |
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Published: May 24, 2023; 4:15:09 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-2591 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7. Published: May 09, 2023; 6:15:10 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-2516 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. Published: May 05, 2023; 3:15:15 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-2021 |
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. Published: April 13, 2023; 8:15:08 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-1545 |
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. Published: March 21, 2023; 7:15:10 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-1463 |
Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. Published: March 17, 2023; 8:15:11 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-1070 |
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22. Published: February 27, 2023; 11:15:12 AM -0500 |
V3.1: 7.1 HIGH V2.0:(not available) |
| CVE-2020-11671 |
Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default. Published: May 04, 2020; 10:15:13 AM -0400 |
V3.1: 8.1 HIGH V2.0: 5.8 MEDIUM |