CVE-2025-59107 Static Firmware Encryption Password in dormakaba access manager

Dormakaba provides the software FWServiceTool to update the firmware version of the Access Managers via the network. The firmware in some instances is provided in an encrypted ZIP file. Within this tool, the password used to decrypt the ZIP and extract the firmware is set statically and can be...

CVE-2025-65826

The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were locate...

EUVD-2006-0408

Malware in sbrugna...

EUVD-2025-25795

Malicious code in bioql PyPI...

PT-2025-34785 · Kapsch Trafficcom · Ris-9160 +1

Name of the Vulnerable Software and Affected Versions: Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 Description: The Kapsch TrafficCom RIS-9160 and RIS-9260 Roadside Units RSUs lack secure password requirements for the BIOS...

CVE-2025-52363

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file and /etc/passwd-. An attacker with access to the firmware image can extract and attempt to crack the root password hash, potentially obtaining administrative access...

CVE-2019-3927

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 anyone can change the administrator and moderator passwords via the iso.3.6.1.4.1.3212.100.3.2.8.1 and iso.3.6.1.4.1.3212.100.3.2.8.2 OIDs. A remote, unauthenticated attacker can use this vulnerability to change the admin or...

Verizon 5G Home LVSKIHP 安全漏洞

The Verizon 5G Home LVSKIHP is an all-in-one integrated modem and router from Verizon USA. It provides access to Verizon Wireless 5G wireless home Internet service. The Verizon 5G Home LVSKIHP InDoorUnit IDU version 3.4.66.162 and OutDoorUnit ODU version 3.33.101.0 devices have a security...

CVE-2021-3519

A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes...

ThinkStation 授权问题漏洞

Lenovo ThinkStation is a desktop workstation from the Chinese company Lenovo. An authorization issue vulnerability exists in ThinkStation, which can be exploited to gain unauthorized access to the boot menu when "BIOS Password At Boot Device List" is set to True...

ASB-A-171413483

In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Intel Server Board and Compute Module Trust Management Issues Vulnerability

Intel Server Board and Compute Module are both products of Intel Corporation.Intel Server Board is a server motherboard.Compute Module is a computing module. A trust management issue vulnerability exists in Intel Server Board and Compute Module. An attacker could exploit this vulnerability to...

CVE-2018-12172

Improper password hashing in firmware in Intel Server Board S7200AP,S7200APR and Intel Compute Module HNS7200AP, HNS7200AP may allow a privileged user to potentially disclose firmware passwords via local access...

Intel NUC Suite Password Bypass Vulnerability

The Intel NUC is a powerful 4x4-inch micro PC with entertainment, gaming, and work features, featuring a customizable motherboard that supports a wide range of memory, storage, and operating systems you need. The Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH have insufficiently...

CVE-2006-0401

Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors...

CVE-2006-0401

CVE-2006-0401 affects Mac OS X versions prior to 10.4.6 on Intel-based Macs. The issue allows a local attacker with physical access to bypass the firmware password and boot into Single User Mode via unspecified vectors. Impact is local authentication bypass with potential unauthorized access. The...