Lucene search
K

156 matches found

Cvelist
Cvelist
added 2023/01/03 8:4 p.m.36 views

CVE-2022-23506 Spinnaker's Rosco microservice vulnerable to improper log masking on AWS Packer builds

Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes, and Spinnaker's Rosco microservice produces machine images. Rosco prior to versions 1.29.2, 1.28.4, and 1.27.3 does not property mask secrets generated via packer builds. This can lead to exposur...

4.3CVSS7.7AI score0.00541EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/28 4:15 p.m.2 views

CVE-2022-38557

D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh...

9.8CVSS5.8AI score0.00851EPSS
Exploits0References3
NVD
NVD
added 2022/07/14 1:15 p.m.22 views

CVE-2022-28377

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of th...

7.5CVSS0.00808EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/07/14 1:15 p.m.9 views

CVE-2022-28377

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of th...

7.5CVSS5.9AI score0.00808EPSS
Exploits1References3
OSV
OSV
added 2022/07/14 1:15 p.m.3 views

CVE-2022-28377

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints rely on a static account username/password for access control. This password can be generated via a binary included in the firmware, after ascertaining the MAC address of th...

7.5CVSS5.8AI score0.00808EPSS
Exploits1References2
CVE
CVE
added 2022/07/14 12:28 p.m.55 views

CVE-2022-28377

Affected: Verizon 5G Home LVSKIHP IDU 3.4.66.162 and ODU 3.33.101.0. Root cause: CRTC/ODU RPC endpoints rely on a static account username/password for access control, and the password can be generated via a firmware binary after determining the IDU’s base Ethernet MAC and setting DEVICE_MANUFACTU...

7.5CVSS7.5AI score0.00808EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/07/14 12:0 a.m.5 views

Verizon 5G Home LVSKIHP 安全漏洞

The Verizon 5G Home LVSKIHP is an all-in-one integrated modem and router from Verizon USA. It provides access to Verizon Wireless 5G wireless home Internet service. The Verizon 5G Home LVSKIHP InDoorUnit IDU version 3.4.66.162 and OutDoorUnit ODU version 3.33.101.0 devices have a security...

7.5CVSS7.4AI score0.00808EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/03/03 5:42 a.m.5 views

Multiple vulnerabilities in Trend Micro ServerProtect

Overview Trend Micro Incorporated has released security updates for ServerProtect. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Remote control execution due to insufficiently protected static credentials Denial-of-servic...

9.8CVSS8.3AI score0.04872EPSS
Exploits2References11
Vulnrichment
Vulnrichment
added 2021/04/02 3:41 p.m.8 views

CVE-2020-11925

An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the device is based on a username and password. The root credentials are the same across all devices of this model...

7AI score0.01349EPSS
Exploits1References2
OSV
OSV
added 2021/01/26 6:15 p.m.2 views

CVE-2020-28999

An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. A remote attacker can take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into a shared library...

7.2CVSS5.8AI score0.01713EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/26 12:0 a.m.8 views

Geeni Multiple Product Security Vulnerabilities

Geeni GNC-CW028 and so on are products of Geeni USA.Geeni GNC-CW028 is an indoor webcam.Geeni GNC-CW025 is an indoor webcam.Merkury MI-CW024 and so on are products of Merkury USA.Merkury MI-CW024 is an indoor webcam.Merkury MI-CW017 is an indoor webcam. Geeni A security vulnerability exists in...

7.2CVSS7.1AI score0.01272EPSS
Exploits1References3
CNVD
CNVD
added 2021/01/21 12:0 a.m.6 views

Cisco Smart Software Manager Satellite Static Credentials Vulnerability

Cisco Smart Software Manager Satellite is a Cisco component for Cisco product license management. A static credentials vulnerability exists in Cisco Smart Software Manager Satellite version 5.1.0 and earlier. The vulnerability stems from inadequate protection of static credentials. An attacker ca...

7.8CVSS6.6AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.5 views

CVE-2021-1219

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

7.8CVSS7.1AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 9:15 p.m.31 views

CVE-2021-1219

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

7.8CVSS7.3AI score0.00256EPSS
Exploits0References1
Prion
Prion
added 2021/01/20 9:15 p.m.15 views

Design/Logic Flaw

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

4.6CVSS7.2AI score0.00256EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2021/01/20 4:0 p.m.69 views

Cisco Smart Software Manager Satellite Static Credential Vulnerability

A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this...

7.8CVSS1.6AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/20 12:0 a.m.7 views

Cisco Smart Software Manager 信任管理问题漏洞

Cisco Smart Software Manager Satellite is a Cisco component for Cisco product license management. A static credentials vulnerability exists in Cisco Smart Software Manager Satellite version 5.1.0 and earlier. The vulnerability stems from inadequate protection of static credentials. An attacker ca...

7.8CVSS7.1AI score0.00256EPSS
Exploits0References4
CNVD
CNVD
added 2020/12/01 12:0 a.m.2 views

Cisco Security Manager Input Validation Error Vulnerability (CNVD-2020-72726)

Cisco Security Manager CSM is a suite of enterprise-level management applications from Cisco that are used to configure firewall, VPN, and intrusion protection security services on Cisco network and security devices. A security vulnerability exists in Cisco Security Manager that stems from...

9.8CVSS6.8AI score0.01712EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/11/17 3:17 p.m.77 views

Cisco Patches Critical Flaw After PoC Exploit Code Release

A day after proof-of-concept PoC exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. Cisco Security Manager is an end-to-end security management application for enterprise administrators, which gives them the ability to enforce various security...

9AI score0.87719EPSS
Exploits0References16
OSV
OSV
added 2020/11/17 3:15 a.m.5 views

CVE-2020-27125

A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by...

9.8CVSS7.3AI score0.01712EPSS
Exploits0References1
Rows per page
Query Builder