pwdump is the name of various Windows programs that outputs the LM and NTLM password hashes of local user accounts from the Security Account Manager (SAM) database and from the Active Directory domain's users cache on the operating system.
It is widely used, to perform both the famous pass-the-hash attack, or also can be used to brute-force users' password directly.
In order to work, it must be run under an Administrator account, or be able to access an Administrator account on the computer where the hashes are to be dumped.
Pwdump could be said to compromise security because it could allow a malicious administrator to access user's passwords.
[1] The initial program called pwdump was written by Jeremy Allison.