17 matches found
CVE-2025-62575 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and other created accounts by default have the sysadmin role. This can lead to remote code execution through the use of certain built-in stored procedures...
EUVD-2017-5879
Malware in sbrugna...
EUVD-2005-3315
Malware in sbrugna...
Authentication Bypass
PostgreSQL is vulnerable to authentication bypass. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty password. A remote attacker could potentially use this flaw to gain access to database accounts with...
Dell OpenManage Network Manager MySQL vulnerability
Added: 11/20/2018. BID: 105912. Background: Dell OpenManage Network Manager is a product for monitoring and managing network devices. Problem: Dell OpenManage Network Manager runs the MySQL database service with root privileges and enables default database accounts, allowing a remote attacker to writ...
CVE-2017-14376
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system...
Hardcoded credentials
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system...
CVE-2017-14376
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system...
CVE-2017-14376
CVE-2017-14376 affects EMC AppSync Server prior to 3.5.0.1. The vulnerability arises from hardcoded database passwords for accounts, specifically the administrative-privilege accounts (e.g., apollosuperuser and apollouser). An attacker with local access to the AppSync PostgreSQL database and know...
CVE-2017-14376
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system...
EMC AppSync Server Hardcoded Password Vulnerability
EMC AppSync contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. Versions prior to 3.5.0.1 are affected. EMC AppSync Hardcoded Password Vulnerability CVE Identifier: CVE-2017-14376 Severity Rating: CVSS v3 Ba...
Authentication flaw
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password...
CVE-2017-7546
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password...
ACLS ineffective in SQL-Ledger and LedgerSMB
Hi all; I have decided to finally send to this list a serious security flaw in the design of SQL-Ledger all versions. LedgerSMB all versions is also affected but the problem with a workaround has been mentioned in our documentation since the fork. Ordinarily I would not make a big deal out of thi...
CVE-2005-3316
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password...
[SA17302] Symantec Discovery Database Accounts Null Password
TITLE: Symantec Discovery Database Accounts Null Password SECUNIA ADVISORY ID: SA17302 VERIFY ADVISORY: http://secunia.com/advisories/17302/ CRITICAL: Moderately critical IMPACT: Manipulation of data, Exposure of sensitive information WHERE: From local network SOFTWARE: Symantec Discovery 6.x...
Symantec Discovery Web Accounts Null Password
SUMMARY Risk Impact Medium Remote Access | Yes ---|--- Local Access | Yes Authentication Required | No Exploit publicly available | NA AFFECTED PRODUCTS Product | Version | Solution ---|---|--- ON Command Discovery Standard Edition | 4.5.x | Downloadable Updates ON Command Discovery Web Edition |...