Lucene search
+L

96 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:54 p.m.5 views

CVE-2022-33862

IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead attackers to identify and access vulnerable systems...

6.7CVSS6.8AI score0.00179EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.31 views

Curl 7.76.0 < 8.12.0 Default Credential Leak (CVE-2025-0167)

When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has a default entry that omits both login and password. A rare...

3.4CVSS6.3AI score0.00663EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/05 9:7 p.m.10 views

CVE-2022-20918

A vulnerability in the Simple Network Management Protocol SNMP access controls for Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module, Cisco Firepower Management Center FMC Software, and Cisco Next-Generation Intrusion Prevention System NGIPS Software could allow an...

7.5CVSS6.7AI score0.00847EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/02/05 3:36 p.m.3 views

Security update for curl

This update for curl fixes the following issues: CVE-2025-0725: Fixed gzip integer overflow bsc1236590 CVE-2025-0167: Fixed netrc and default credential leak bsc1236588 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

5.9CVSS7.6AI score0.01218EPSS
Exploits2References8
SUSE Linux
SUSE Linux
added 2025/02/05 3:32 p.m.2 views

Security update for curl

This update for curl fixes the following issues: CVE-2025-0725: Fixed gzip integer overflow bsc1236590 CVE-2025-0167: Fixed netrc and default credential leak bsc1236588 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

5.9CVSS6.3AI score0.01218EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2025/02/05 3:15 a.m.16 views

CVE-2024-51554

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

9.8CVSS7AI score0.00394EPSS
Exploits0References1
NVD
NVD
added 2024/12/05 1:15 p.m.22 views

CVE-2024-51555

Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...

10CVSS0.00409EPSS
Exploits0References1
CVE
CVE
added 2024/12/05 12:59 p.m.70 views

CVE-2024-51555

Summary: CVE-2024-51555 concerns default credential vulnerabilities in ABB ASPECT and related series. Publicly available default credentials allow access to ABB ASPECT devices due to design that does not require changing defaults (affected: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02;...

10CVSS9.6AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2024/11/25 8:54 a.m.55 views

CVE-2022-33862

CVE-2022-33862 affects Eaton IPP software prior to v1.71, with a default credentials vulnerability. Root cause: insecure/default credentials allowing a local attacker (Privilege: HIGH) with no user interaction to access confidential data and take control. Impact: potential compromise of authentic...

6.7CVSS6.5AI score0.00179EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/25 8:54 a.m.23 views

CVE-2022-33862 Improper access control mechanism in IPP

IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead attackers to identify and access vulnerable systems...

6.7CVSS0.00179EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/01 12:6 p.m.17 views

CVE-2024-4007 Hard coded default credential contained in install package

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured...

8.8CVSS7AI score0.01511EPSS
Exploits3References1
CVE
CVE
added 2024/05/20 8:36 p.m.320 views

CVE-2024-35192

CVE-2024-35192 affects Trivy prior to 0.51.2. Triggering image scans from a crafted malicious registry could leak credentials for registries (e.g., AWS ECR, Google Artifact/Container Registry, Azure ACR) to the user running Trivy. The tokens could be used to push/pull images from registries the u...

5.5CVSS6.2AI score0.0019EPSS
Exploits0References2
NVD
NVD
added 2024/01/09 10:15 a.m.24 views

CVE-2023-49621

A vulnerability has been identified in SIMATIC CN 4100 All versions V2.7. The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device...

9.8CVSS9.6AI score0.00597EPSS
Exploits0References1
Prion
Prion
added 2023/10/09 4:15 a.m.19 views

Default credentials

Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system by leveraging the Common Management Portal web interface for Authenticated remote upload and creation of arbitrary files affecting...

6.5CVSS9AI score0.00708EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2023/09/04 12:0 a.m.258 views

D-LINK DPH-400SE - Exposure of Sensitive Information Vulnerability

Exploit Title : DLINK DPH-400SE - Exposure of Sensitive Information Exploit Author : tahaafarooq Vendor Homepage : https://dlink.com/ Version : FRU2.2.15.8 Tested on: DLINK DPH-400SE VoIP Phone Description: With default credential for the guest user "guest:guest" to login on the web portal, the...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2023/08/30 2:10 p.m.255 views

Daimler Truck: Default credential to login at site management panel

Summary: Hi Team During recon on shodan I came across an IP pointing towards lre.daimlertruck.com Here is the shodan link https://www.shodan.io/host/20.219.79.49 On port 8443, there was a login panel at https://20.219.79.49:8443/Site/ and using default credential admin admin I was able to login...

7AI score
Exploits0
OSV
OSV
added 2022/12/08 6:15 p.m.3 views

CVE-2022-46831

In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators...

4.9CVSS5.8AI score0.00449EPSS
Exploits0References1
CVE
CVE
added 2022/12/08 5:38 p.m.66 views

CVE-2022-46831

JetBrains TeamCity versions 2022.10–2022.10.1 are affected by CVE-2022-46831 due to a flaw when connecting to AWS with the Default Credential Provider Chain, allowing TeamCity project administrators to access AWS resources normally restricted to TeamCity system administrators. Impact is exposure ...

6.6CVSS5.1AI score0.00449EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.7 views

PT-2022-27989 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions 2022.10 through 2022.10.1 Description: The issue allows TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators when connecting to AWS using the "Default Credentia...

6.6CVSS5.1AI score0.00449EPSS
Exploits0References6
OSV
OSV
added 2022/11/15 9:15 p.m.5 views

CVE-2022-20918

A vulnerability in the Simple Network Management Protocol SNMP access controls for Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module, Cisco Firepower Management Center FMC Software, and Cisco Next-Generation Intrusion Prevention System NGIPS Software could allow an...

7.5CVSS5.8AI score0.00847EPSS
Exploits0References1
Rows per page
Query Builder