8047 matches found
CVE-2026-24448
Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...
CVE-2026-24448
Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...
CVE-2026-24448
CVE-2026-24448 describes a hard-coded credentials issue affecting MR-GM5L-S1 and MR-GM5A-L1, enabling an attacker to obtain administrative access via a network vector. The provided metrics indicate Critical impact across confidentiality, integrity, and availability, with CVSS v3.0/4.0 scores of 9...
EUVD-2026-11092
Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...
CVE-2026-24448
Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...
Use of Hard-coded Credentials
Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...
PT-2026-24578
Name of the Vulnerable Software and Affected Versions MR-GM5L-S1 MR-GM5A-L1 Description A hard-coded credentials issue exists in the software, potentially allowing an attacker to gain administrative access. Recommendations At the moment, there is no information about a newer version that contains...
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
ThermaKube 安全漏洞
ThermaKube is a Kubernetes cluster monitoring and visualization tool released as a beta version by Open Source Labs. There is a security vulnerability in ThermaKube, which stems from the use of hard-coded passwords...
PT-2026-24828
Name of the Vulnerable Software and Affected Versions oslabs-beta ThermaKube master affected versions not specified Description The software contains a hard-coded password. This relates to CWE-259, which involves the use of passwords directly embedded within the code. Recommendations At the momen...
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
CVE-2025-70041
Technical details are not publicly available in the provided documents for CVE-2025-70041; monitor for updates.
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
PT-2026-24894
A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded cryptographic key...
EUVD-2025-208473
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
EUVD-2025-208474
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...