Lucene search
K

4238 matches found

Nuclei
Nuclei
added yesterday34 views

Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access

Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account. id: CVE-2021-35336 info: name: Tieline IP Audio Gateway =2.6.4.8 -...

9.8CVSS7.2AI score0.11587EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday41 views

ZKTeco BioTime <= 9.0.1 - Privilege Escalation

BioTime default employee credentials password 123456 allow login. Sessions are not role-validated, enabling privilege escalation to perform admin actions and enumerate backup files. id: CVE-2023-38952 info: name: ZKTeco BioTime = 9.0.1 - Privilege Escalation author: riteshs4hu severity: high...

9.8CVSS7AI score0.03197EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday33 views

Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection

Wireless Multiplex Terminal Playout Server =20.2.8 has a default account with a password of pokon available via its web administrative interface. id: CVE-2020-35338 info: name: Wireless Multiplex Terminal Playout Server =20.2.8 - Default Credential Detection author: Jeya Seelan severity: critical...

9.8CVSS7.2AI score0.11651EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday396 views

JFrog Artifactory 6.7.3 - Admin Login Bypass

JFrog Artifactory 6.7.3 is vulnerable to an admin login bypass issue because by default the access-admin account is used to reset the password of the admin account. While this is only allowable from a connection directly from localhost, providing an X-Forwarded-For HTTP header to the request allo...

9.8CVSS7.2AI score0.53879EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday18 views

Vue Vben Admin - Default Credentials

Vue Vben Admin 2.10.1 contains a broken authentication caused by hardcoded credentials in the backend, letting attackers log in without proper authorization, exploit requires access to the login interface. id: CVE-2025-25570 info: name: Vue Vben Admin - Default Credentials author: 0xAkoko severit...

9.8CVSS7.3AI score0.01999EPSS
Exploits0References2
OSV
OSV
added last week6 views

PYSEC-2026-421 MLflow Use of Default Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basicauth.ini file. The file contains hard-coded default credentials. An attacker can leverage...

9.8CVSS7.7AI score0.00968EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/26 10:52 p.m.35 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.0045EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 8:16 p.m.8 views

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 6:51 p.m.6 views

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS5.8AI score0.00104EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 6:51 p.m.30 views

CVE-2026-44273

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 6:51 p.m.6 views

EUVD-2026-38342

Dell Wyse Management Suite WMS, versions prior to WMS 2605, contain a Use of Default Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information Disclosure...

6CVSS5.8AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 6:51 p.m.7 views

CVE-2026-44273

Dell Wyse Management Suite (WMS) is affected. In versions prior to 2605, there is a Use of Default Credentials vulnerability allowing a high-privileged local attacker to cause Information Disclosure. Root cause: use of default credentials enabling local access. Impact: Information Disclosure with...

6CVSS5.8AI score0.00104EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/19 2:16 p.m.12 views

CVE-2026-9142

There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. This affects NI grpc-device 2.17.0 and prior versions...

9.3CVSS0.00308EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 1:41 p.m.6 views

CVE-2026-9142

There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. This affects NI grpc-device 2.17.0 and prior versions...

9.3CVSS5.9AI score0.00308EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/19 1:41 p.m.29 views

CVE-2026-9142 Insecure Default Credentials vulnerability in NI grpc-device when TLS configuration is not present

There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. This affects NI grpc-device 2.17.0 and prior versions...

9.3CVSS0.00308EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 8:16 p.m.9 views

CVE-2026-47847

Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...

5.3CVSS0.00187EPSS
Exploits0References1
OSV
OSV
added 2026/06/18 12:0 p.m.7 views

BIT-MARIADB-GALERA-2026-47847 Default replication credential monitor:monitor created

Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...

5.3CVSS5.5AI score0.00187EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 10:14 p.m.26 views

CVE-2026-54445 Vantage6: Set admin user and password from environment or configuration

vantage6 is an open-source infrastructure for privacy preserving analysis. Versions prior to 5.0.0 provide an initial user with username root and password root. This is not ideal because attackers know that almost all vantage6 servers have a user with username root that probably has admin rights,...

6.9CVSS0.00292EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 5:16 p.m.11 views

CVE-2026-32652

Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earli...

7.8CVSS0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 3:29 p.m.20 views

CVE-2026-32652

Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earli...

7.8CVSS0.00098EPSS
Exploits0References1
Rows per page
Query Builder