Lucene search
K

1118 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/26 7:27 a.m.18 views

Security Bulletin: Vulnerability in IBM WebSphere Application ( CVE-2025-14923) affects IBM PowerVM Novalink.

Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could...

9.8CVSS5.8AI score0.00173EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

tickets 信任管理问题漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a vulnerability related to trust management. This vulnerability stemmed from the hardcoding of a Google Maps API key in the tables.php file, which coul...

6.9CVSS5.9AI score0.00224EPSS
Exploits0References1
NVD
NVD
added 2026/05/19 10:16 a.m.21 views

CVE-2026-31986

Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

9.1CVSS0.00421EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 9:34 a.m.12 views

EUVD-2026-30873

Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

9.1CVSS5.8AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 9:34 a.m.31 views

CVE-2026-31986

CVE-2026-31986 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06). The issue is described as a use of a hard-coded cryptographic key, enabling unauthenticated access/impact via default JWT signing key and widget/template injection per CVE listings. The root cause is tied to a hard-coded k...

9.1CVSS5.8AI score0.00421EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 9:34 a.m.7 views

CVE-2026-31986

Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

5.8AI score0.00421EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/19 1:58 a.m.13 views

CVE-2026-8739

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.6AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.18 views

PT-2026-41855

Name of the Vulnerable Software and Affected Versions Apache OFBiz versions prior to 24.09.06 Description Apache OFBiz contains a hard-coded cryptographic key. This flaw may allow remote attackers to gain unauthorized access, expose sensitive data, or tamper with application data. Recommendations...

9.1CVSS5.8AI score0.00421EPSS
Exploits0References7
NVD
NVD
added 2026/05/17 8:16 a.m.18 views

CVE-2026-8739

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS0.00281EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/17 7:45 a.m.10 views

CVE-2026-8739

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/17 7:45 a.m.12 views

CVE-2026-8739 Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/17 7:45 a.m.47 views

CVE-2026-8739 Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS0.00281EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/17 7:45 a.m.23 views

EUVD-2026-30687

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4
CVE
CVE
added 2026/05/17 7:45 a.m.23 views

CVE-2026-8739

Sanluan PublicCMS 5.202506.d is affected by CVE-2026-8739 in SafeConfigComponent.getSignKey. Manipulating the privatefile_key argument leads to use of a hard-coded cryptographic key, enabling a remote attack. The exploit is public and may be used; vendor contact about disclosure was unresponsive....

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.16 views

PT-2026-41525

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile key results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.12 views

CVE-2026-44278

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.11 views

EUVD-2026-29935

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References3
NVD
NVD
added 2026/05/13 1:16 p.m.12 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS0.00124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:1 p.m.10 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 12:1 p.m.74 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS0.00124EPSS
Exploits0References2
Rows per page
Query Builder