Lucene search
K

4250 matches found

Nuclei
Nuclei
added 18 hours ago56 views

Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access

Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account. id: CVE-2021-35336 info: name: Tieline IP Audio Gateway =2.6.4.8 -...

9.8CVSS7AI score0.11587EPSS
Exploits1References4
Nuclei
Nuclei
added 18 hours ago62 views

Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection

Wireless Multiplex Terminal Playout Server =20.2.8 has a default account with a password of pokon available via its web administrative interface. id: CVE-2020-35338 info: name: Wireless Multiplex Terminal Playout Server =20.2.8 - Default Credential Detection author: Jeya Seelan severity: critical...

9.8CVSS7AI score0.12111EPSS
Exploits1References5
Nuclei
Nuclei
added 18 hours ago404 views

JFrog Artifactory 6.7.3 - Admin Login Bypass

JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allo...

9.8CVSS7AI score0.53879EPSS
Exploits3References5
Nuclei
Nuclei
added 18 hours ago70 views

Vue Vben Admin - Default Credentials

Vue Vben Admin 2.10.1 contains a broken authentication caused by hardcoded credentials in the backend, letting attackers log in without proper authorization, exploit requires access to the login interface. id: CVE-2025-25570 info: name: Vue Vben Admin - Default Credentials author: 0xAkoko severit...

9.8CVSS7.1AI score0.01999EPSS
Exploits0References2
Nuclei
Nuclei
added 18 hours ago63 views

ZKTeco BioTime <= 9.0.1 - Privilege Escalation

BioTime default employee credentials password 123456 allow login. Sessions are not role-validated, enabling privilege escalation to perform admin actions and enumerate backup files. id: CVE-2023-38952 info: name: ZKTeco BioTime = 9.0.1 - Privilege Escalation author: riteshs4hu severity: high...

9.8CVSS6.9AI score0.03258EPSS
Exploits2References3
NVD
NVD
added 5 days ago7 views

CVE-2026-3144

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update...

9.8CVSS0.00412EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-3144 IBM API Connect Default Credentials

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update...

8.1CVSS0.00412EPSS
Exploits0References1
CVE
CVE
added 5 days ago8 views

CVE-2026-3144

CVE-2026-3144 affects IBM API Connect 12.1.0.0 through 12.1.0.3. The issue is the use of default credentials, which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update. Exploitation details or a remediation/fix are not provided in ...

9.8CVSS5.9AI score0.00412EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42304

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update...

8.1CVSS5.9AI score0.00412EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-56477

Name of the Vulnerable Software and Affected Versions IBM API Connect versions 12.1.0.0 through 12.1.0.3 Description The application uses default credentials, which may allow an attacker to gain unauthorized access before the system requires a credential update. Recommendations Update IBM API...

9.8CVSS6.1AI score0.00412EPSS
Exploits0References5
NVD
NVD
added 2026/07/02 8:17 p.m.10 views

CVE-2026-58466

AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via adddefaultuser in the database user module when the users table is empt...

9.8CVSS0.00505EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/02 7:56 p.m.34 views

CVE-2026-58466 AutoBangumi < 3.2.8 - Hard-coded Default Credentials via add_default_user()

AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via adddefaultuser in the database user module when the users table is empt...

9.8CVSS0.00505EPSS
Exploits0References4
CVE
CVE
added 2026/07/02 7:56 p.m.14 views

CVE-2026-58466

AutoBangumi prior to version 3.2.8 contains a hard-coded default-credentials vulnerability. When the users table is empty, a default administrator account is seeded at startup via add_default_user() in the database user module, allowing unauthenticated attackers to authenticate as admin by submit...

9.8CVSS5.8AI score0.00505EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-421 MLflow Use of Default Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basicauth.ini file. The file contains hard-coded default credentials. An attacker can leverage...

9.8CVSS7.7AI score0.00968EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/26 10:52 p.m.38 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.00569EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in qBittTorrent

All versions of the qBittorrent client up to 4.5.5 use default credentials when the web user interface is enabled. Administrators are not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and...

9.8CVSS6AI score0.00908EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 8:16 p.m.9 views

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 6:51 p.m.7 views

EUVD-2026-38342

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS5.8AI score0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 6:51 p.m.6 views

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS5.8AI score0.00104EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 6:51 p.m.33 views

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS0.00104EPSS
Exploits0References1
Rows per page
Query Builder