CVE-2018-8856

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data...

CVE-2018-8856

This CVE affects Philips e-Alert Unit (non-medical device), Versions R2.1 and prior. The issue is the use of a hard-coded cryptographic key for internal data encryption (CWE-798), which enables high-severity impact. Per the connected docs, CVSS v3 base score is 9.8 (critical) with remote/network ...

Collectric CMU 1.0 - lang Hard-Coded Credentials SQL injection

Collectric CMU 1.0 - lang Hard-Coded Credentials SQL injection Exploit Title: Collectric CMU 1.0 - 'lang' SQL injection Google Dork: "Inloggning Collectric CMU" Discoverer: Simon Brannstrom Date: 2018-09-15 Vendor Homepage: http://ourenergy.se/ Software Link: n/a Version: All known versions Teste...

Collectric CMU 1.0 - 'lang' Hard-Coded Credentials / SQL injection

Exploit Title: Collectric CMU 1.0 - 'lang' SQL injection Google Dork: "Inloggning Collectric CMU" Discoverer: Simon Brannstrom Date: 2018-09-15 Vendor Homepage: http://ourenergy.se/ Software Link: n/a Version: All known versions Tested on: Linux CVE: N/A About: Collectric CMU is a Swedish made...

Oracle WebCenter Interaction Information Disclosure Vulnerability

Oracle WebCenter Interaction is an Oracle suite for creating enterprise portals, collaborative communities, portfolio applications and social applications. An information disclosure vulnerability in Oracle WebCenter Interaction version 10.3.3, which originates from a program that compiles the que...

CVE-2018-16957

Oracle WebCenter Interaction 10.3.3 search service’s queryd.exe is built with a hardcoded password (i1g2s3c4) used for authentication, and customers cannot customize this credential. A remote attacker could issue search queries over the network to exfiltrate large amounts of sensitive information...

Amcrest Security Bypass Vulnerability

Amcrest is a webcam product from the American company Amcrest. A security vulnerability exists in Amcrest that stems from the device using the same hard-coded SSL private key for different customer installations of the program. An attacker could exploit the vulnerability to bypass cryptographic...

Philips e-Alert Information Disclosure Vulnerability

Philips e-Alert is an electronic alert solution for MRI systems from Philips in the Netherlands, which is used to monitor and alert on MRI system performance. A security vulnerability exists in Philips e-Alert R2.1 and prior versions, which stems from the program's use of a hard-coded key to...

Unspecified vulnerability in BHIM application for Android (CNVD-2019-41447)

BHIM application for Android is an Android platform based mobile payment application by National Payments India. A security vulnerability exists in the National Payments Corporation in version 1.3 of the India BHIM application for Android-based platform, which stems from the program's reliance on...

CA Unified Infrastructure Management Hard-Coded Password Phrase Vulnerability

CA Unified Infrastructure Management is a powerful unified IT monitoring solution that helps organizations deliver reliable, flexible IT services. A hard-coded password phrase vulnerability exists in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, which can be exploited by an attacker...

CVE-2018-14901

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services...

CVE-2018-14901

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services...

Hardcoded credentials

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services...

CVE-2018-14901

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services...

CVE-2018-14901

The CVE-2018-14901 entry affects Epson iPrint for Android (version 6.6.3). The vulnerability arises from hard-coded API and secret keys for third‑party services (Dropbox, Box, Evernote, OneDrive) stored in the app, as described in CNVD-2018-17427. This leads to potential information disclosure an...

Security Bulletin: IBM Data Science Experience Local is affected by a Use of Hard-coded Password vulnerability

Summary IBM Data Science Experience Local has addressed the following vulnerability. Password for Data Science Experience Local Hadoop Integration Knox Gateway was hard-coded. Password for Data Science Experience Local Keystore and Truststore was hard-coded. Credentials for Data Science Experienc...

Privilege escalation

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials...

CVE-2018-12240

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials...

CVE-2018-12240

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials...

CVE-2018-12240

Norton Identity Safe (prior to 5.3.0.976) is affected by a privilege-escalation vulnerability caused by a hard-coded IV in its encryption flow. This could allow an attacker to recover encrypted data with insufficient credentials. Affected product/version: Norton Identity Safe before 5.3.0.976. Re...