Empress 信任管理问题漏洞

Empress is a lightweight branch of Sovereign focused on email by Greg Slepak, an individual developer. Empress is vulnerable to a trust management issue. An attacker exploits the vulnerability to cause victims to use hard-coded passwords...

Elvexys ISOS 信任管理问题漏洞

Elvexys ISOS is an application from Elvexys, Inc. A security vulnerability exists in Elvexys ISOS versions 1.81 through 2.00, which stems from hard-coded credentials containing the embedded StreamX installer...

CVE-2022-45425

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability...

CVE-2022-45425

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability...

Dahua software products 信任管理问题漏洞

Dahua software products are a family of applications from Dahua Corporation of China. A security vulnerability exists in a number of Dahua software products that stems from their use of hard-coded encryption keys that allow an attacker to obtain AES encryption keys...

CVE-2022-45425

Affected software: Dahua software products. Issue: use of a hard-coded AES cryptographic key, enabling an attacker to obtain the AES key. Root cause cited across sources is hard-coded keys within the product set. Impact (per sources): confidentiality impact, high. Vector: network-based exploitati...

CVE-2022-45425

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability...

CVE-2022-45425

Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An attacker can obtain the AES crypto key by exploiting this vulnerability...

Critical Security Flaw Reported in Passwordstate Enterprise Password Manager

Multiple high-severity vulnerabilities have been disclosed in Passwordstate password management solution that could be exploited by an unauthenticated remote adversary to obtain a user's plaintext passwords. "Successful exploitation allows an unauthenticated attacker to exfiltrate passwords from ...

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2022-4611

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

EUVD-2022-51942

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2022-4611 Click Studios Passwordstate hard-coded credentials

A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed...

PT-2022-27741 · Click Studios · Click Studios Passwordstate +1

Name of the Vulnerable Software and Affected Versions: Click Studios Passwordstate affected versions not specified Click Studios Passwordstate Browser Extension Chrome affected versions not specified Description: A problematic vulnerability was found in Click Studios Passwordstate and Passwordsta...

CVE-2022-4611

CVE-2022-4611 affects Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Vulnerability details in the provided documents indicate a manipulation that results in hard-coded credentials in an unspecified part of the product, with remote initiation possible and public disclosure...

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (sound4server) Hardcoded Credentials

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

CVE-2022-2660

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine...

PT-2022-6392 · Schneider Electric · Apc Easy Ups Online Monitoring +1

Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...

Schneider Electric APC Easy UPS Online

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: APC Easy UPS Online Vulnerabilities: Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Incorrect Permission Assignment for...