3038 matches found
Hardcoded credentials
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials...
Hardcoded credentials
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges...
Hardcoded credentials
HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.reboot, factory reset, snapshot etc...
Whispers - Identify Hardcoded Secrets In Static Structured Text
"My little birds are everywhere, even in the North, they whisper to me the strangest stories." - Lord Varys Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and dangerous functions. Whispers can run in the CLI or you can...
Hardcoded credentials
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller which may allow a user with elevated privileges to corrupt program data...
Hardcoded credentials
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or...
Hardcoded credentials
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter ACF module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result ...
Airangel Hsmx Gateway Hardcoded Credentials Vulnerability
Airangel Hsmx Gateway is a platform from Airangel UK, Inc. A hard-coded credential vulnerability exists in versions of Airangel Hsmx Gateway prior to 5.2.04, which stems from the use of PostgreSQL database credentials hard-coded in the configuration file. An attacker could steal this credential t...
Hardcoded credentials
Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead to the communication channel being accessible by an attacker...
Hardcoded credentials
An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device...
Hardcoded credentials
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...
Hardcoded credentials
neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function...
Hardcoded credentials
lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30...
Hardcoded credentials
In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side...
Hardcoded credentials
The Hashthemes Demo Importer Plugin = 1.1.1 for WordPress contained several AJAX functions which relied on a nonce which was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of...
Hardcoded credentials
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS...
CVE-2021-41320
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 64-bit edition with higher privilege than the average authenticated user. NOTE: the vendor disputes this because the password is not hardcoded it can be changed during installation or at any later time...
CVE-2021-41320
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 64-bit edition with higher privilege than the average authenticated user. NOTE: the vendor disputes this because the password is not hardcoded it can be changed during installation or at any later time...
Hardcoded credentials
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 64-bit edition with higher privilege than the average authenticated user...
CVE-2021-41320
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 64-bit edition with higher privilege than the average authenticated user. NOTE: the vendor disputes this because the password is not hardcoded it can be changed during installation or at any later time...