8087 matches found
CVE-2025-58740
The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by reading the cryptographic key from the executable. This issue affects ImageDirector Capture: from...
CVE-2026-0622
Open 5GS WebUI uses a hard-coded JWT signing key change-me whenever the environment variable JWTSECRETKEY is unset...
CVE-2026-0622
Open 5GS WebUI uses a hard-coded JWT signing key change-me whenever the environment variable JWTSECRETKEY is unset...
CVE-2026-0622
Open5GS WebUI is affected by CVE-2026-0622: by default it uses hard-coded JWT signing keys (the string change-me) when JWT_SECRET_KEY is unset, allowing an unauthenticated network attacker to forge JWTs and gain access to protected WebUI endpoints (notably under /api/db/*). The issue arises from ...
CVE-2026-0622 Open 5GS WebUI uses a hard-coded JWT signing key
Open 5GS WebUI uses a hard-coded JWT signing key change-me whenever the environment variable JWTSECRETKEY is unset...
CVE-2026-0622 Open 5GS WebUI uses a hard-coded JWT signing key
Open 5GS WebUI uses a hard-coded JWT signing key change-me whenever the environment variable JWTSECRETKEY is unset...
CVE-2026-0622
Open 5GS WebUI uses a hard-coded JWT signing key change-me whenever the environment variable JWTSECRETKEY is unset...
CVE-2025-14115
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...
CVE-2025-14115 IBM Sterling Connect:Direct for UNIX Container is affected by vulnerability where hard-coded credentials are embeeded in the product for its internal use.
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...
CVE-2025-14115
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...
CVE-2025-14115
CVE-2025-14115 affects IBM Sterling Connect:Direct for UNIX Container. Concrete details from connected sources: vulnerable versions are 6.3.0.0 to 6.3.0.6_iFix016 and 6.4.0.0 to 6.4.0.3_iFix019. The root cause is hard-coded credentials used for inbound authentication, outbound communication, or i...
CVE-2025-14115 IBM Sterling Connect:Direct for UNIX Container is affected by vulnerability where hard-coded credentials are embeeded in the product for its internal use.
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...
CVE-2026-1221
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to the database using hardcoded database credentials stored in the firmware...
CVE-2026-1221 BROWAN COMMUNICATIONS |PrismX MX100 AP controller - Use of Hard-coded Credentials
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to the database using hardcoded database credentials stored in the firmware...
CVE-2026-1221
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to the database using hardcoded database credentials stored in the firmware...
CVE-2026-1221
CVE-2026-1221 concerns the PrismX MX100 AP controller from Browan Communications. Multiple connected sources confirm a vulnerability described as the use of hard-coded credentials stored in firmware, enabling unauthenticated remote login to the database. Reported impact is high on confidentiality...
CVE-2026-1221 BROWAN COMMUNICATIONS |PrismX MX100 AP controller - Use of Hard-coded Credentials
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to the database using hardcoded database credentials stored in the firmware...
PT-2026-3581
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...
PT-2026-3669
Name of the Vulnerable Software and Affected Versions Milner ImageDirector Capture versions 7.0.9.0 through 7.6.3.25808 Description A flaw exists in Milner ImageDirector Capture on Windows due to the use of hard-coded application encryption keys within the C2SGlobalSettings.dll component. This...
PT-2026-3541
Name of the Vulnerable Software and Affected Versions PrismX MX100 AP controller Description The PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a flaw related to the use of hard-coded credentials. This allows unauthenticated remote attackers to gain access to the database using...