Lucene search
K

3836 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-21404

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.5AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-6610

A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...

6.3CVSS4.9AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.12 views

CVE-2026-6578

A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRETKEY results in hard-coded credentials. The attack can be launched remotely. Th...

6.3CVSS5.4AI score0.00323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.7 views

CVE-2026-4832

CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...

6.9CVSS5.5AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-22054

Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

8.8CVSS5.4AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.11 views

CVE-2026-22055

Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...

8.8CVSS5.4AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.8 views

CVE-2026-8605

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...

9.8CVSS5.5AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5189

CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...

9.2CVSS5.8AI score0.00461EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.16 views

CVE-2026-9139

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication is implemented entirely in client-side JavaScript in login.zhtml, exposing static plaintext credentials in the page source...

9.8CVSS5.5AI score0.00454EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-27785

Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials...

8.8CVSS5.4AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42251

Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...

8.7CVSS5.6AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.15 views

CVE-2026-42929

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

8.7CVSS5.4AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.11 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.5AI score0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 5:49 p.m.30 views

CVE-2025-71317 NetMan 204 Hard-coded Backdoor Credentials

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS0.00432EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 8:16 p.m.12 views

CVE-2026-21404

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 7:44 p.m.9 views

CVE-2026-21404 NAVTOR NavBox Use of Hard-coded Credentials

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.5AI score0.00122EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 7:44 p.m.6 views

CVE-2026-21404

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.8AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/04 7:44 p.m.11 views

EUVD-2026-34321

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS5.8AI score0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 7:44 p.m.34 views

CVE-2026-21404

NAVTOR NavBox (versions up to 4.16.1.20) contains hard-coded credentials in its Windows Communication Foundation (SOAP) implementation. When SOAP is enabled, a local attacker can extract credentials and bypass the intended transfer workflow. Successful authentication to the SOAP interface grants ...

6.3CVSS5.8AI score0.00122EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 7:44 p.m.28 views

CVE-2026-21404 NAVTOR NavBox Use of Hard-coded Credentials

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS0.00122EPSS
Exploits0References2
Rows per page
Query Builder