CVE-2024-53522

Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV pair in the HOSxPXE4.exe and HOS-WIN32.INI components. This allows attackers to access sensitive information...

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

CVE-2024-9679

A Hardcoded Cryptographic key vulnerability existed in DLP Extension 11.11.1.3 which allowed the decryption of previously encrypted user credentials...

PT-2024-39758 · Unknown · Dlp Extension

Name of the Vulnerable Software and Affected Versions: DLP Extension version 11.11.1.3 Description: A hardcoded cryptographic key vulnerability existed in DLP Extension, allowing the decryption of previously encrypted user credentials. Recommendations: For DLP Extension version 11.11.1.3, update ...

EUVD-2024-52808

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

CVE-2024-55557

CVE-2024-55557 affects Weasis 4.5.1 (weasis-core) via ui/pref/ProxyPrefView.java, where a hardcoded key for symmetric encryption of proxy credentials is used. This creates a risk of credential exposure if the key is revealed or misused. The description is supported by OSV/NVD/NVD records and link...

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

PT-2024-36553 · Weasis · Weasis

Name of the Vulnerable Software and Affected Versions: Weasis version 4.5.1 Description: The issue concerns a hardcoded key for symmetric encryption of proxy credentials in the ui/pref/ProxyPrefView.java file within the weasis-core component of Weasis. This hardcoded key is used for the symmetric...

CVE-2024-11308

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...

CVE-2024-11308

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...

CVE-2024-11308

The CVE-2024-11308 entry concerns TRCore’s DVC, a file-insurance system, which encrypts files with a hardcoded key. The underlying issue is the use of a static cryptographic key, enabling an attacker with local access to decrypt targeted files and recover original content as described in multiple...

CVE-2024-11308 TRCore DVC - Use of Hard-coded Cryptographic Key

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...

CVE-2024-11308 TRCore DVC - Use of Hard-coded Cryptographic Key

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt the files and restore the original content...

PT-2024-16899 · Trcore · Dvc

Name of the Vulnerable Software and Affected Versions: DVC from TRCore affected versions not specified Description: The issue concerns the use of a hardcoded key for file encryption in the DVC from TRCore. This hardcoded key can be exploited by attackers to decrypt the files and restore their...

CVE-2024-40410

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded cryptographic key used for encryption...

PT-2024-28835 · Cybele · Thinfinity Workspace

Name of the Vulnerable Software and Affected Versions: Cybele Software Thinfinity Workspace versions prior to 7.0.2.113 Description: The issue concerns a hardcoded cryptographic key used for encryption. This key is embedded in the software, potentially allowing unauthorized access or exploitation...

PT-2024-16156 · WordPress · Ce21 Suite

Name of the Vulnerable Software and Affected Versions: CE21 Suite plugin for WordPress versions up to, and including, 2.2.0 Description: The issue is due to a hardcoded encryption key in the ce21 authentication phrase function, allowing unauthenticated attackers to log in as any existing user on...

Fortinet Fortigate Hardcoded symmetric key in fips.c (FG-IR-19-007)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-007 advisory. - Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an...

PT-2024-33138 · Neye3C · Neye3C

Name of the Vulnerable Software and Affected Versions: Neye3C version 4.5.2.0 Description: A hardcoded encryption key was found in the firmware update mechanism, which could potentially be exploited. Recommendations: For version 4.5.2.0, consider updating the firmware to a version that does not...

CVE-2024-46612

IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information...