Lucene search
K

3827 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-27785

Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials...

8.8CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42251

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

8.7CVSS5.6AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.13 views

CVE-2026-42929

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

8.7CVSS5.4AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.9 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.5AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 5:49 p.m.28 views

CVE-2025-71317 NetMan 204 Hard-coded Backdoor Credentials

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS0.00432EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 8:16 p.m.11 views

CVE-2026-21404

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS0.00122EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 7:44 p.m.5 views

CVE-2026-21404

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.8AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/04 7:44 p.m.8 views

EUVD-2026-34321

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.8AI score0.00122EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 7:44 p.m.26 views

CVE-2026-21404 NAVTOR NavBox Use of Hard-coded Credentials

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 7:44 p.m.8 views

CVE-2026-21404 NAVTOR NavBox Use of Hard-coded Credentials

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.5AI score0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 7:44 p.m.31 views

CVE-2026-21404

NAVTOR NavBox (versions up to 4.16.1.20) contains hard-coded credentials in its Windows Communication Foundation (SOAP) implementation. When SOAP is enabled, a local attacker can extract credentials and bypass the intended transfer workflow. Successful authentication to the SOAP interface grants ...

6.3CVSS5.8AI score0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 6:35 a.m.21 views

CVE-2026-49204

Technical details about CVE-2026-49204 are not publicly available in the provided documents; monitor for updates.

6.9CVSS5.8AI score0.00159EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 6:35 a.m.6 views

CVE-2026-49204 Hard-coded AWS Cognito Testing Accounts

Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation...

6.9CVSS5.8AI score0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 6:35 a.m.39 views

CVE-2026-49204 Hard-coded AWS Cognito Testing Accounts

Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation...

6.9CVSS0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 3:50 a.m.6 views

CVE-2026-49187 Hard-coded APK Resource Credentials & Scepters

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

8.7CVSS5.8AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 3:50 a.m.40 views

CVE-2026-49187 Hard-coded APK Resource Credentials & Scepters

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

8.7CVSS0.00245EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 3:50 a.m.17 views

CVE-2026-49187

CVE-2026-49187 concerns hard-coded APK resource files that never expire and a shared scepter that can lead to information leaks and potential misuse. According to the entry, exploitation is network-based with low attack complexity and no privileges required, causing high confidentiality impact (t...

8.7CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/04 12:30 a.m.14 views

EUVD-2026-34183

Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS5.8AI score0.00237EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 12:30 a.m.15 views

EUVD-2026-34184

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

5.3CVSS5.8AI score0.00237EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.11 views

PT-2026-46316

Name of the Vulnerable Software and Affected Versions NAVTOR NavBox versions prior to 4.16.1.21 Description The software contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. When SOAP functionality is enabled, a local attacker can extract these...

6.3CVSS5.5AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder