cbcvebase.

Nilsteampassnet Teampass vulnerabilities

19 known vulnerabilities affecting nilsteampassnet/nilsteampassnet_teampass.

Total CVEs
19
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH7MEDIUM11

Vulnerabilities

Page 1 of 1
CVE-2023-1545P2HIGHCVSS 7.5PoC≥ unspecified, < 3.0.0.232023-03-21
CVE-2023-1545 [HIGH] CWE-89 CVE-2023-1545: SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
nvd
CVE-2023-2859P3HIGHCVSS 8.8≥ unspecified, < 3.0.92023-05-24
CVE-2023-2859 [HIGH] CWE-94 CVE-2023-2859: Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-3553P3HIGHCVSS 7.5≥ unspecified, < 3.0.102023-07-08
CVE-2023-3553 [HIGH] CWE-200 CVE-2023-3553: Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/team Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
nvd
CVE-2023-3551P3HIGHCVSS 7.2≥ unspecified, < 3.0.102023-07-08
CVE-2023-3551 [HIGH] CWE-94 CVE-2023-3551: Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
nvd
CVE-2023-3083P3HIGHCVSS 8.7≥ unspecified, < 3.0.92023-06-03
CVE-2023-3083 [HIGH] CWE-79 CVE-2023-3083: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-3086P3CRITICALCVSS 9.0≥ unspecified, < 3.0.92023-06-03
CVE-2023-3086 [CRITICAL] CWE-79 CVE-2023-3086: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-3095P3MEDIUMCVSS 6.5≥ unspecified, < 3.0.92023-06-04
CVE-2023-3095 [MEDIUM] CWE-284 CVE-2023-3095: Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-1070P4HIGHCVSS 7.1≥ unspecified, < 3.0.0.222023-02-27
CVE-2023-1070 [HIGH] CWE-73 CVE-2023-1070: External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.2 External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
nvd
CVE-2023-3084P4HIGHCVSS 8.1≥ unspecified, < 3.0.92023-06-03
CVE-2023-3084 [HIGH] CWE-79 CVE-2023-3084: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-1463P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.0.232023-03-17
CVE-2023-1463 [MEDIUM] CWE-639 CVE-2023-1463: Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
nvd
CVE-2023-3531P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.102023-07-06
CVE-2023-3531 [MEDIUM] CWE-79 CVE-2023-3531: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
nvd
CVE-2023-3009P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.92023-05-31
CVE-2023-3009 [MEDIUM] CWE-79 CVE-2023-3009: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-2516P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.72023-05-05
CVE-2023-2516 [MEDIUM] CWE-79 CVE-2023-2516: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
nvd
CVE-2023-2591P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.72023-05-09
CVE-2023-2591 [MEDIUM] CWE-79 CVE-2023-2591: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repos Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
nvd
CVE-2023-3191P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.92023-06-10
CVE-2023-3191 [MEDIUM] CWE-79 CVE-2023-3191: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
CVE-2023-3565P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.102023-07-10
CVE-2023-3565 [MEDIUM] CWE-79 CVE-2023-3565: Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10. Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
nvd
CVE-2023-2021P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.32023-04-13
CVE-2023-2021 [MEDIUM] CWE-79 CVE-2023-2021: Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3.
nvd
CVE-2023-3552P4MEDIUMCVSS 5.4≥ unspecified, < 3.0.102023-07-08
CVE-2023-3552 [MEDIUM] CWE-116 CVE-2023-3552: Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.1 Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
nvd
CVE-2023-3190P4MEDIUMCVSS 4.6≥ unspecified, < 3.0.92023-06-10
CVE-2023-3190 [MEDIUM] CWE-116 CVE-2023-3190: Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9 Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
nvd
Nilsteampassnet Teampass vulnerabilities | cvebase