2442 matches found
CVE-2026-4404
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404 Use of hard coded credentials in GoHarbor Harbor
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
EUVD-2026-14455
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404 Use of hard coded credentials in GoHarbor Harbor
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...
CVE-2026-4404
CVE-2026-4404 affects Harbor
Harbor 安全漏洞
Harbor is an open-source registry developed by Harbor Open Source. It protects artifacts through policy-based and role-based access control, ensures that images are scanned for vulnerabilities, and signs images as trustworthy. Versions of Harbor prior to 2.15.0 have security vulnerabilities; thes...
PT-2026-27137
Name of the Vulnerable Software and Affected Versions GoHarbor versions prior to 2.15.0 Description The use of hard-coded credentials in GoHarbor allows attackers to use the default password and gain access to the web user interface. Recommendations Update GoHarbor to version 2.15.0 or later...
CVE-2026-33037 WWBN AVideo has predictable default admin credentials in official Docker deployment path
WWBN AVideo is an open source video platform. In versions 25.0 and below, the official Docker deployment files docker-compose.yml, env.example ship with the admin password set to "password", which is automatically used to seed the admin account during installation, meaning any instance deployed...
EUVD-2026-13575
WWBN AVideo is an open source video platform. In versions 25.0 and below, the official Docker deployment files docker-compose.yml, env.example ship with the admin password set to "password", which is automatically used to seed the admin account during installation, meaning any instance deployed...
PT-2026-26565
WWBN AVideo is an open source video platform. In versions 25.0 and below, the official Docker deployment files docker-compose.yml, env.example ship with the admin password set to "password", which is automatically used to seed the admin account during installation, meaning any instance deployed...
VulnCheck KEV: CVE-2019-19492
FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...
CVE-2023-27573
netbox-docker before 2.5.0 has a superuser account with default credentials admin password for the admin account, and 0123456789abcdef0123456789abcdef01234567 value for SUPERUSERAPITOKEN. In practice on the public Internet, almost all users changed the password but only about 90% changed the toke...
NewStart CGSL MAIN 6.06 (SP) : cloud-init Multiple Vulnerabilities (NS-SA-2026-0026)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys. In some...
CVE-2026-3186
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...
CVE-2026-3186 feiyuchuixue sz-boot-parent Password Reset password default password
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...
CVE-2026-3186 feiyuchuixue sz-boot-parent Password Reset password default password
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...
CVE-2026-3186
The CVE affects feiyuchuixue sz-boot-parent up to 1.3.2-beta, specifically the Password Reset Handler at /api/admin/sys-user/reset/password/. A flaw in handling the userId argument allows use of the default password, with remote exploit possible. Public exploit details exist; mitigation is upgrad...
CVE-2026-3186 feiyuchuixue sz-boot-parent Password Reset password default password
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...
PT-2026-21908
A vulnerability was determined in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this vulnerability is an unknown functionality of the file /api/admin/sys-user/reset/password/ of the component Password Reset Handler. This manipulation of the argument userId causes use of default...