8062 matches found
CVE-2026-4216
The CVE-2026-4216 entry concerns the i-SENS SmartLog App (air.SmartLog.android) for Android up to version 2.6.8. The vulnerability arises from a developer-mode function used during Bluetooth pairing configuration, which permits hard-coded credentials to be exposed. Impact is described as partial ...
Schneider Electric EcoStruxure Data Center Expert Hard-coded Password Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authentication is required to exploit this vulnerability. The specific flaw exists within the postgres service, which listens on TCP port 5432 by...
PT-2026-25618
A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument ACCESS...
PT-2026-25613
A weakness has been identified in i-SENS SmartLog App up to 2.6.8 on Android. This affects an unknown function of the component air.SmartLog.android. This manipulation causes hard-coded credentials. The attack can only be executed locally. The exploit has been made available to the public and cou...
ZKTeco ZKBioSecurity 信任管理问题漏洞
ZKTeco ZKBioSecurity is a web-based integrated platform developed by ZKTeco Corporation in China. Version 3.0 of ZKTeco ZKBioSecurity contains a vulnerability related to trust management. This vulnerability stems from hard-coded credentials, which may allow unverified attackers to access the...
i-SENS SmartLog 信任管理问题漏洞
i-SENS SmartLog is a device data recording and management system developed by i-SENS Corporation. Versions of i-SENS SmartLog 2.6.8 and earlier contained a vulnerability related to trust management. This vulnerability stemmed from hard-coded credentials in the air.SmartLog.android component...
(Pwn2Own) QNAP TS-453E Hyper Data Protector Plugin Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of Bareos by the Hyper Data Protector Plugin. The issue...
Exploit for Use of Hard-coded Credentials in Rustfs
CVE-2025-689...
EUVD-2026-11768
Use of Hard-coded Credentials vulnerability in Avnatra Avantra allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Avantra: before 25.3.0...
CVE-2026-3873
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...
CVE-2026-3873 Legacy built-in user account
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...
CVE-2026-3873
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...
CVE-2026-3873 Legacy built-in user account
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...
CVE-2026-3873
CVE-2026-3873 affects Avantra’s legacy built-in user account. The vulnerability arises from use of hard-coded credentials in Avantra systems and allows accessing functionality not properly constrained by ACLs in versions before 25.3.0. According to the provided metrics, the issue has CVSS 3.1 bas...
PT-2026-25160
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0...
EUVD-2026-11637
A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...
EUVD-2026-11635
A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...
CVE-2026-28255
A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...
CVE-2026-28256
A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...
CVE-2026-28256 Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge
A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...