CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

3035 matches found

ATTACKERKB•added 2026/02/06 11:14 p.m.•4 views

CVE-2020-37135

AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system...

9.3CVSS5.4AI score0.00428EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/02/06 11:14 p.m.•34 views

CVE-2020-37135 AMSS++ 4.7 - Backdoor Admin Account

AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system...

9.3CVSS0.00428EPSS

Exploits1References2

Vulnrichment•added 2026/02/06 11:14 p.m.•3 views

CVE-2020-37135 AMSS++ 4.7 - Backdoor Admin Account

AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system...

9.3CVSS5.5AI score0.00428EPSS

Exploits1References2

Positive Technologies•added 2026/02/06 12:0 a.m.•4 views

PT-2026-6818

Name of the Vulnerable Software and Affected Versions AMSS++ version 4.7 Description AMSS++ 4.7 has a flaw that permits unauthorized access to administrative accounts. This is due to the use of hardcoded credentials, specifically the default username 'admin' and password '1234'. Successful...

9.3CVSS5.4AI score0.00428EPSS

Exploits1References4

Positive Technologies•added 2026/02/06 12:0 a.m.•5 views

PT-2026-6824

Name of the Vulnerable Software and Affected Versions DBPower C300 HD Camera affected versions not specified Description The DBPower C300 HD Camera has a configuration disclosure issue. Unauthenticated attackers can obtain sensitive credentials by accessing an unprotected configuration backup...

8.7CVSS5.3AI score0.004EPSS

Exploits0References5

GithubExploit•added 2026/02/04 9:46 a.m.•263 views

Exploit for Classic Buffer Overflow in Tp-Link Omada_Er605_Firmware

CVE-2024-5243-pwn2own-toronto-2023 TP-Link ER605 Pre-Auth...

7.5CVSS7.5AI score0.00815EPSS

Nuclei•added 2026/02/04 7:0 a.m.•12 views

Gladinet CentreStack & Triofox - Hardcoded Credentials

Gladinet CentreStack and Triofox 16.12.10420.56791 contain a hardcoded credentials vulnerability caused by use of hardcoded AES cryptoscheme values, letting attackers perform arbitrary local file inclusion without authentication, potentially leading to full system compromise. id: CVE-2025-14611...

9.8CVSS6.8AI score0.50949EPSS

Exploits3References2

RedhatCVE•added 2026/02/03 9:18 a.m.•9 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.3AI score0.00437EPSS

Exploits1References1

OSV•added 2026/02/02 5:16 a.m.•3 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.8AI score0.00437EPSS

Exploits1References1

NVD•added 2026/02/02 5:16 a.m.•6 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS0.00437EPSS

Exploits1References1

Cvelist•added 2026/02/02 4:49 a.m.•25 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS0.00437EPSS

Exploits1References1

EUVD•added 2026/02/02 4:49 a.m.•4 views

EUVD-2026-5093

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.3AI score0.00437EPSS

Exploits1References1

ATTACKERKB•added 2026/02/02 4:49 a.m.•2 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.9AI score0.00437EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/02/02 4:49 a.m.•3 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.3AI score0.00437EPSS

Exploits1References1

CVE•added 2026/02/02 4:49 a.m.•12 views

CVE-2026-25202

The CVE-2026-25202 issue affects Samsung MagicINFO 9 Server prior to version 21.1090.1. The vulnerability arises from hard-coded database credentials (account and password), permitting login to the database and potential manipulation of data, with impact to confidentiality and integrity (as descr...

9.8CVSS5.9AI score0.00437EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2026/02/02 12:0 a.m.•6 views

PT-2026-5607

Name of the Vulnerable Software and Affected Versions MagicINFO 9 Server versions prior to 21.1090.1 Description The database account and password are hardcoded, which allows login with the account to manipulate the database. This compromises the integrity and confidentiality of the database...

10CVSS5.4AI score0.00437EPSS

Exploits1References12

CNNVD•added 2026/02/02 12:0 a.m.•3 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-level digital signage content management and device monitoring platform developed by South Korean company Samsung. Previous versions of SAMSUNG MagicINFO 9 Server, such as 21.1090.1, contained security vulnerabilities. These vulnerabilities stemmed from...

9.8CVSS5.8AI score0.00437EPSS

Exploits1References2

RedhatCVE•added 2026/01/29 9:24 a.m.•4 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.8AI score0.00534EPSS

Exploits0References1

GithubExploit•added 2026/01/29 5:6 a.m.•449 views

xtream-ui-security-audit

🔐 Xtream UI Security Audit & Exploitation Framework !Python...

RedhatCVE•added 2026/01/29 3:26 a.m.•6 views

CVE-2026-24840

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8.8CVSS5.9AI score0.00334EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by