9 matches found
CVE-2021-28913
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...
EUVD-2025-31625
Malicious code in bioql PyPI...
CVE-2025-34215 Vasion Print (formerly PrinterLogic) Unauthenticated Firmware Update Endpoint RCE
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...
CVE-2025-34215 Vasion Print (formerly PrinterLogic) Unauthenticated Firmware Update Endpoint RCE
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.1026 and Application prior to version 20.0.2702 only VA deployments expose an unauthenticated firmware-upload flow: a public page returns a signed token usable at va-api/v1/update, and every Docker image contains the...
PT-2025-39882
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1026 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2702 Description The Vasion Print Virtual Appliance Host and Application deployments ar...
CVE-2021-28912
BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This is usable and the final part of an attack chain to gain SSH root access...
CVE-2024-5764
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...
CVE-2024-5764 Nexus Repository 3 - Static hard-coded encryption passphrase used by default
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database SMTP or HTTP proxy credentials, user tokens, tokens, among others. The affected versions relied on ...
CVE-2021-28913
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...