298 matches found
CVE-2026-50208 Permissive TrustAllCerts TLS Verification
High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a man-in-the-middle (MITM) actor could decrypt network traffic...
PT-2026-46160
High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a man-in-the-middle (MITM) actor could decrypt network traffic...
PT-2026-46149
The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages...
TRAC PDBM security vulnerability
TRAC PDBM is an industrial automation process database management software developed by the Slovenian company TRAC. TRAC PDBM has a security vulnerability that stems from the use of static, hard-coded keys. This vulnerability could allow attackers to decrypt credentials stored in configuration...
CVE-2026-49000
An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...
CVE-2026-49000 Cryptography Implementation Flaw vulnerability in ZTE ZXUniPOS NDS-LTE product
An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...
CVE-2026-49000
Technical details (affected products, components, versions, exploit info) are not publicly available in the provided documents. Monitor for updates from NVD, the CVE List, and vendors.
EUVD-2026-32049
An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...
PT-2026-43492
An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...
AstrBot security vulnerability
AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 3.5.15 of AstrBot contains a security vulnerability, which stems from the use of hard-coded private keys for signing JWTs...
WatchGuard Agent security vulnerability
WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. Versions of WatchGuard Agent prior to 1.25.03.0000 contain security vulnerabilities. These vulnerabilities stem from the use of hard-coded encryption keys, which may lead to...
CDAC e-Sushrut security vulnerability
CDAC e-Sushrut is a system platform provided by the Indian company CDAC, which facilitates hospital information management and medical process support. There is a security vulnerability in CDAC e-Sushrut. This vulnerability stems from the leakage of sensitive information in client-side JavaScript...
CVE-2026-32644 Milesight Cameras Use of Hard-coded Cryptographic Key
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service and weaker than expected security vulnerabilities in WebSphere Application Server Liberty
Summary: WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of the application security stack and security utility. CVE-2025-14923 and CVE-2024-29371. Vulnerability Details: CVEID: CVE-2025-14923. DESCRIPTION: IBM WebSphere Application Server - Liberty...
EUVD-2026-23751
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update...
Silex SD-330AC and Silex AMC Manager security vulnerability
Both the Silex SD-330AC and the Silex AMC Manager are products of the Japanese company Silex. The Silex SD-330AC is a device server that provides wireless network connectivity and the ability to share with USB devices. The Silex AMC Manager is a management software used for centralized management...