CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8120 matches found

Cvelist•added 2021/07/22 6:27 p.m.•21 views

CVE-2021-31579 Akkadian Provisioning Manager Engine (PME) Hard-Coded Credentials

Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...

8.2CVSS9.5AI score0.00465EPSS

Exploits1References1

CVE•added 2021/07/22 6:27 p.m.•53 views

CVE-2021-31579

CVE-2021-31579 affects Akkadian Provisioning Manager Engine (PME) where a hard-coded credential (akkadianuser:haakkadianpassword) exists. Exploitation can enable root-level shell access when combined with other issues (CVE-2021-31580/81) and, in some contexts, expose sensitive data (CVE-2021-3158...

9.8CVSS8.9AI score0.00465EPSS

Exploits1References1Affected Software2

seebug.org•added 2021/07/22 12:0 a.m.•227 views

D-LINK DIR-3040 Zebra IP 路由管理器信息泄露漏洞(CVE-2021-21817)

The DIR-3040 is an AC3000-based wireless internet router. Zebra is an IP routing manager that provides kernel routing table updates, interface lookups, and redistribution of routes between different routing protocols. The DIR-3040 runs this service by default on TCP port 2601 and can be accessed ...

5CVSS7.5AI score0.01918EPSS

Exploits2

OSV•added 2021/07/21 3:15 p.m.•2 views

CVE-2021-22707

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...

9.8CVSS5.8AI score0.91564EPSS

Exploits2References1

OSV•added 2021/07/21 3:15 p.m.•2 views

CVE-2021-22729

A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker to...

9.8CVSS5.8AI score0.00346EPSS

Exploits0References1

OSV•added 2021/07/21 3:15 p.m.•1 views

CVE-2021-22730

9.8CVSS5.8AI score

Exploits0References1

NVD•added 2021/07/21 3:15 p.m.•10 views

CVE-2021-22730

10CVSS0.00346EPSS

Exploits0References1

NVD•added 2021/07/21 3:15 p.m.•18 views

CVE-2021-22707

10CVSS0.91564EPSS

Exploits2References1

Prion•added 2021/07/21 3:15 p.m.•17 views

Hardcoded credentials

10CVSS9.4AI score0.00346EPSS

Exploits0References1Affected Software6

Prion•added 2021/07/21 3:15 p.m.•23 views

Hardcoded credentials

10CVSS9.4AI score0.91564EPSS

Exploits2References1Affected Software6

CVE•added 2021/07/21 10:44 a.m.•51 views

CVE-2021-22730

The CVE-2021-22730 issue affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) where all versions before R8 V3.4.0.1 are vulnerable to CWE-798 (Use of Hard-coded Credentials). This could allow an attacker to gain unaut...

10CVSS9.5AI score0.00346EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/07/21 10:44 a.m.•17 views

CVE-2021-22730

9.7AI score0.00346EPSS

Exploits0References1

CVE•added 2021/07/21 10:44 a.m.•49 views

CVE-2021-22729

The CVE-2021-22729 entry affects Schneider Electric EVlink City (EVC1S22P4 / EVC1S7P4), EVlink Parking (EVW2 / EVF2 / EV.2), and EVlink Smart Wallbox (EVB1A) all versions prior to R8 V3.4.0.1. The root cause is CWE-259: Use of Hard-coded Password, enabling an attacker to gain unauthorized adminis...

10CVSS9.5AI score0.00346EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/07/21 10:44 a.m.•14 views

CVE-2021-22729

9.7AI score0.00346EPSS

Exploits0References1

CVE•added 2021/07/21 10:41 a.m.•101 views

CVE-2021-22707

The CVE-2021-22707 entry describes a hard-coded credentials vulnerability in Schneider Electric EVlink devices (City, Parking, Smart Wallbox) with versions prior to R8 V3.4.0.1. The concrete details from connected sources (e.g., NUCLEI template) indicate an authentication bypass vulnerability tha...

10CVSS9.4AI score0.91564EPSS

In wildExploits2References1Affected Software1

ATTACKERKB•added 2021/07/21 12:0 a.m.•120 views

CVE-2021-22707

10CVSS1.4AI score0.91564EPSS

Exploits2References2

Code423n4•added 2021/07/21 12:0 a.m.•10 views

Router.removeLiquidityExact(uint256,address) has unchecked transfers

Handle heiho1 Vulnerability details Impact Router.removeLiquidityExactuint256,address line 114 does not check the boolean return of a token transfer. This is a brittle implementation because it relies on the boolean return value being hard-coded to true. Tokens may not revert in case of failure a...

6.8AI score

Exploits0

OSV•added 2021/07/19 5:15 p.m.•1 views

CVE-2021-36799

KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

8.8CVSS5.8AI score0.00128EPSS

Exploits0References3

NVD•added 2021/07/19 5:15 p.m.•9 views

CVE-2021-36799

8.8CVSS0.00128EPSS

Exploits0References3

CVE•added 2021/07/19 4:31 p.m.•83 views

CVE-2021-36799

CVE-2021-36799 : KNX ETS5 through 5.7.6 uses a hard-coded password (ETS5Password) with a salt value (Ivan Medvedev), enabling local users to read project information. This vulnerability is limited to products no longer supported by the maintainer. No public remediation or patch details are provid...

8.8CVSS6AI score0.00128EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by