8087 matches found
CVE-2019-3908
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data...
Juniper ATP has an unspecified vulnerability (CNVD-2019-39196)
Juniper Advanced Threat Prevention ATP is a suite of advanced threat protection platforms from Juniper Networks. The product supports malware detection, file analysis, and malicious IP address and URL blocking. A security vulnerability exists in Juniper ATP version 5.0.3 prior to version 5.0, whi...
Unspecified Vulnerability in Juniper ATP
Juniper Advanced Threat Prevention ATP is a suite of advanced threat protection platforms from Juniper Networks. The product supports malware detection, file analysis, and malicious IP address and URL blocking. A security vulnerability exists in Juniper ATP version 5.0.3 prior to version 5.0, whi...
Unspecified Vulnerability in LCDS LAquis SCADA
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.1.0.3870, whi...
PT-2019-16763 · Premisys · Premisys Identicard
Name of the Vulnerable Software and Affected Versions: Premisys Identicard version 3.1.190 Description: The issue concerns the storage of backup files as encrypted zip files with a hard-coded and unchangeable password. This allows an attacker with access to these backups to decrypt them and obtai...
CVE-2019-0020
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3...
CVE-2019-0022
Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3...
CVE-2019-0020
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3...
CVE-2019-0022
Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3...
CVE-2019-0022 Juniper ATP: Two hard coded credentials sharing the same password give an attacker the ability to take control of any installation of the software.
Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3...
CVE-2019-0020 Juniper ATP: Hard coded credentials used in Web Collector
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full control of any installation of the software. Affected releases are Juniper Networks Juniper ATP: 5.0 versions prior to 5.0.3...
CVE-2019-0020
The CVE-2019-0020 entry concerns Juniper ATP: hard-coded credentials in the Web Collector component, enabling an attacker to gain full control of affected installations. Affected releases are Juniper ATP 5.0 versions prior to 5.0.3. The root cause is the presence of hard-coded credentials in the ...
CVE-2019-0022
CVE-2019-0022 describes a vulnerability in Juniper ATP where the Cyphort Core instance ships with hard-coded credentials , enabling an attacker to gain full control of an affected installation. The impact affects Juniper ATP 5.0 releases prior to 5.0.3, with a network-accessible vector and high s...
LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerabilities: Improper Input Validation, Out-of-Bounds Read, Code Injection, Untrusted Pointer Dereference,...
Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality
Cisco VoIP phone such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities. ======================================================================= title: Multiple Vulnerabilities...
CVE-2018-16201
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...
CVE-2018-16186
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached D5520, D6500, D6510, D7500, D8400, and the display versions with RICOH Interactive Whiteboard Controller Type2 V3....
CVE-2018-16201
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands...
CVE-2018-16186
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached D5520, D6500, D6510, D7500, D8400, and the display versions with RICOH Interactive Whiteboard Controller Type2 V3....
CVE-2018-16186
CVE-2018-16186 concerns Ricoh Interactive Whiteboard devices and displays. The connected sources indicate hard-coded administrator credentials in multiple components: D2200, D5500, D5510 (V1.1–V2.2) and displays using Controller Type1 (V1.1–V2.2) attached to D5520, D6500, D6510, D7500, D8400, plu...