Lucene search
K

2440 matches found

Cvelist
Cvelist
added 2026/05/28 9:2 a.m.37 views

CVE-2026-4377 Use of Weak Credentials in D-Link DWR-X1820 router

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS0.00141EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:2 a.m.20 views

CVE-2026-4377

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS5.8AI score0.00141EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:2 a.m.25 views

CVE-2026-4377

The CVE refers to the D-Link DWR-X1820 router, where a weak default password is generated from the IMEI and does not require change by the user. This vulnerability can allow an attacker who knows the password-generation method to crack the default password given the device IMEI. A fix is availabl...

6CVSS5.8AI score0.00141EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44226

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

6CVSS5.8AI score0.00141EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/26 7:34 a.m.15 views

Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2025-14917) affects IBM PowerVM Novalink.

Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could...

9.8CVSS5.8AI score0.00355EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

IBM Cloud Pak for Data System 安全漏洞

IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. The version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain security vulnerabilities. These vulnerabilities stem from the use of default passwords during the...

7.5CVSS5.8AI score0.00269EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/05/26 12:0 a.m.63 views

📄 ZTE ZXHN H188A V6 Authentication Bypass

Unauthenticated requests to the root path of ZTE ZXHN H188A V6 firmware can reach pre-login wizard handlers and disclose WLAN PSKs, SSIDs, and PPPoE usernames. The leaked Wi-Fi password is also the default administrator password after uppercasing, resulting in full authentication bypass. -----BEG...

7.1CVSS5.8AI score0.08943EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.15 views

PT-2026-42763

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An issue in syslink software AG Avantra on Linux and Windows allows the use of common or default usernames and passwords to gain unauthorized access. Recommendations Update to version 25.3.0 or late...

5.1CVSS5.8AI score0.00105EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/13 2:22 p.m.7 views

CVE-2020-37220

Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/13 2:22 p.m.7 views

CVE-2020-37220 Huawei HG630 V2 Router Authentication Bypass via Serial Number

Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References3
CVE
CVE
added 2026/05/13 2:22 p.m.12 views

CVE-2020-37220

Huawei HG630 V2 router is affected by an authentication-bypass vulnerability where an unauthenticated attacker can obtain administrative access by querying /api/system/deviceinfo to retrieve the SerialNumber and using its last 8 characters as the login password. The connected CVE entry provides t...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.17 views

PT-2026-40621

Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Attackers can query the /api/system/deviceinfo endpoint without authentication to extract the SerialNumber field, th...

8.7CVSS5.8AI score0.00356EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/12 12:32 p.m.17 views

EUVD-2026-29438

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 10:16 a.m.14 views

CVE-2026-7428

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 9:16 a.m.9 views

CVE-2026-7428

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 9:16 a.m.13 views

CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-39995

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

9.2CVSS5.8AI score0.00239EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 5:35 p.m.11 views

Security Bulletin: IBM MQ Appliance is affected by a default password vulnerability (CVE-2025-14917)

Summary IBM MQ Appliance has addressed a default password vulnerability. Vulnerability Details CVEID:CVE-2025-14917 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when...

9.8CVSS5.8AI score0.00355EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 12:46 p.m.13 views

Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063).

Summary Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these...

9.8CVSS6AI score0.00978EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.10 views

Advantech ADAM-6000 Use of Default Password (CVE-2008-5848)

The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and 1 monitor or 2 control the module's Modbus/TCP I/O activity. This plugin only works with Tenable.ot. Please visit...

10CVSS5.8AI score0.03325EPSS
Exploits0References4
Rows per page
Query Builder