CVE-2022-4610

MEDIUM Year: 2022
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-310
View all →

Vulnerability Description

A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216272.

Related Vulnerabilities

CVE-2015-8234

MEDIUM
CVSS:5.5(Medium)

The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision.

CWE-3102015

CVE-2016-4005

MEDIUM
CVSS:5.5(Medium)

The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.

CWE-3102016

CVE-2016-7438

MEDIUM
CVSS:5.5(Medium)

The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.

CWE-3102016

CVE-2016-7439

MEDIUM
CVSS:5.5(Medium)

The C software implementation of RSA in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.

CWE-3102016

CVE-2017-18327

MEDIUM
CVSS:5.5(Medium)

Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM...

CWE-3102017

CVE-2018-7839

MEDIUM
CVSS:5.5(Medium)

A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3.1.38 which could allow information disclosure.

CWE-3102018