19 matches found
CVE-2026-5065
IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...
EUVD-2022-5248
Malicious code in bioql PyPI...
Investigating Security Implications of Automatically Generated Code on the Software Supply Chain
In recent years, various software supply chain (SSC) attacks have posed significant risks to the global community. Severe consequences may arise if developers integrate insecure code snippets that are vulnerable to SSC attacks into their products. Particularly, code generation techniques, such as...
aap-gateway: CSRF origin checking is disabled
A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is not done on requests from the gateway to external components, such as the controller, hub, and eda...
CVE-2020-11161
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
IBM Security Verify Information Queue Trust Management Issue Vulnerability
IBM Security Verify Information Queue is an integration product from IBM of America, Inc. IBM Security Verify Information Queue version 10.0.2 is vulnerable to a trust management issue stemming from its use of hard-coded credentials used for inbound authentication, outbound communication to...
Centreon Sensitive Data Exposure
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
GHSA-RX4J-X3FH-9QWG Centreon Sensitive Data Exposure
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
CVE-2020-11161
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
Design/Logic Flaw
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2020-11161
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
PT-2021-17452 · Unknown · Reason Dr60
Name of the Vulnerable Software and Affected Versions: Reason DR60 versions prior to 02A04.1 Description: The software contains a hard-coded password used for inbound authentication or outbound communication to external components. Recommendations: For versions prior to 02A04.1, update to version...
CVE-2019-4675
IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511...
CVE-2019-17106
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
CVE-2019-17106
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
Xxe
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
CVE-2019-17106
In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components...
CVE-2018-1742
IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 148421...
CVE-2018-8857
Philips Brilliance CT software Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brilliance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbou...