Siemens SINEC INS 安全漏洞

Siemens SINEC INS is a software from Siemens, Germany, that provides centralized services for network infrastructures. Siemens SINEC INS suffers from a use of hard-coded encryption key vulnerability that can be exploited by an attacker to learn the encryption key material and decrypt arbitrary...

CVE-2024-11026

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument...

CVE-2024-11026

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument...

CVE-2024-11026 Intelligent Apps Freenow App Keystore SSL.java hard-coded password

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument...

CVE-2024-11026

CVE-2024-11026 affects Intelligent Apps Freenow App 12.10.0 on Android. The issue resides in the Keystore Handler’s SSL.java (ch/qos/logback/core/net/ssl/SSL.java), where the argument DEFAULT_KEYSTORE_PASSWORD is manipulated with the input value “changeit,” resulting in a hard-coded password. Thi...

CVE-2024-11026 Intelligent Apps Freenow App Keystore SSL.java hard-coded password

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument...

CVE-2024-50593

An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software...

CVE-2024-50593

CVE-2024-50593 affects the Elefant Service tool; a local attacker can access restricted functions via a hard-coded "Hotline" password embedded in the Elefant service binary, which is shipped with the software. Affected component is the Elefant Service binary used by HASOMED Elefant. The root caus...

PT-2024-16715 · Unknown · Intelligent Apps Freenow App

Name of the Vulnerable Software and Affected Versions: Intelligent Apps Freenow App version 12.10.0 Description: A problem was found in the Intelligent Apps Freenow App, affecting some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The...

PT-2024-34348 · Unknown · Elefant Service Tool

Name of the Vulnerable Software and Affected Versions: Elefant Service tool affected versions not specified Description: An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded Hotline password in the Elefant...

WordPress plugin CE21 Suite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Intelligent Freenow 安全漏洞

Intelligent Freenow is a cab booking software from Intelligent. A security vulnerability exists in Intelligent Freenow version 12.10.0, which stems from the parameter DEFAULTKEYSTOREPASSWORD in the file ch/qos/logback/core/net/ssl/SSL.java that can lead to the use of hard-coded passwords...

CVE-2024-10920

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the...

CVE-2024-10920 mariazevedo88 travels-java-api JWT Secret JwtAuthenticationTokenFilter.java doFilterInternal hard-coded key

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the...

CVE-2024-10920 mariazevedo88 travels-java-api JWT Secret JwtAuthenticationTokenFilter.java doFilterInternal hard-coded key

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the...

PT-2024-16642 · Unknown · Travels-Java-Api

Name of the Vulnerable Software and Affected Versions: travels-java-api versions up to 5.0.1 Description: A vulnerability was found in the travels-java-api, classified as problematic. The issue affects the function doFilterInternal of the file...

travels-java-api 安全漏洞

travels-java-api is an API for travel management from the individual developer Mariana Azevedo. A security vulnerability exists in travels-java-api version 5.0.1 and earlier, which stems from the use of hard-coded encryption keys in the doFilterInternal function in the JWT Secret Handler componen...

Tenda G3 Hardcoded Credentials Vulnerability

Tenda G3 is a QosVpn router from Tenda China. The Tenda G3 suffers from a hard-coded credential vulnerability that can be exploited by an attacker to log in as root and obtain sensitive information...

LB-LINK BL-WR 1300H 安全漏洞

The LB-LINK BL-WR 1300H is a wireless dual-band gigabit router from China Bilink LB-LINK. A security vulnerability exists in the LB-LINK BL-WR 1300H version v.1.0.4, which stems from the use of hard-coded credentials in /etc/shadow...

YesWiki Uses a Broken or Risky Cryptographic Algorithm

Summary The use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. Details Firstly, the salt used to hash the password reset key is hard-coded in the includes/services/UserManager.php file...