82 matches found
CVE-2026-44218
ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...
CVE-2016-2360
Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations...
EUVD-2025-201181
An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with netwo...
EUVD-2011-1623
Malware in sbrugna...
EUVD-2007-6050
Malware in sbrugna...
EUVD-2009-1740
Malware in sbrugna...
EUVD-2008-5083
Malware in sbrugna...
EUVD-2025-30192
Malicious code in bioql PyPI...
CVE-2025-30519
Dover Fueling Solutions ProGauge MagLink LX4 Devices have default root credentials that cannot be changed through standard administrative means. An attacker with network access to the device can gain administrative access to the system...
Dover Fueling Solutions ProGauge MagLink LX4 安全漏洞
The Dover Fueling Solutions ProGauge MagLink LX4 is an automated tank gauging system console from Dover Fueling Solutions, USA. A security vulnerability exists in several Dover products that stems from the use of default root credentials that cannot be changed through standard administrative...
Privilege Escalation
github.com/kubernetes-sigs/image-builder is vulnerable to privilege escalation. The vulnerability is due to default root credentials being enabled during the Windows image build process with Nutanix or VMware OVA providers, which allows an attacker with access to the build VM to modify the image...
CVE-2025-7342
A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the Windows image build process when using the Nutanix or VMware OVA providers. These credentials, which allow root access, are disabled at the conclusion of the build. Kubernetes clusters...
CVE-2023-20040
A vulnerability in the NETCONF service of Cisco Network Services Orchestrator NSO could allow an authenticated, remote attacker to cause a denial of service DoS on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group...
RHEL 6 : cfme (RHSA-2015:0028)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0028 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...
runofast Indoor Security Camera for Baby Monitor 安全漏洞
runofast Indoor Security Camera for Baby Monitor is a 1080P HD home monitoring device for baby monitoring. A security vulnerability exists in the runofast Indoor Security Camera for Baby Monitor that stems from the default password for the root account being password. this allows access to the...
PT-2024-32300 · Runofast · Runofast Indoor Security Camera For Baby Monitor
Name of the Vulnerable Software and Affected Versions: runofast Indoor Security Camera for Baby Monitor affected versions not specified Description: The issue concerns a default password set as password for the root account, allowing unauthorized access to the "/stream1" URI via the rtsp://...
CVE-2024-22902
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...
CVE-2024-22902
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials...
PT-2024-1516 · Vinchin · Vinchin Backup & Recovery
Name of the Vulnerable Software and Affected Versions: Vinchin Backup & Recovery version 7.2 Description: The issue is related to the use of default root credentials in Vinchin Backup & Recovery. This could allow a remote attacker to gain elevated privileges to the level of a root user by...
PYSEC-2024-33
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not expose...