1141 matches found
PT-2026-24904
šØ CVE-2025-59388 A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and...
EUVD-2025-208601
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
CVE-2025-70041
An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...
CVE-2025-70041
Technical details are not publicly available in the provided documents for CVE-2025-70041; monitor for updates.
PT-2026-24828
Name of the Vulnerable Software and Affected Versions oslabs-beta ThermaKube master affected versions not specified Description The software contains a hard-coded password. This relates to CWE-259, which involves the use of passwords directly embedded within the code. Recommendations At the momen...
CVE-2026-25753 PlaciPy has a Hard-Coded Default Password for All Student Accounts (Account Takeover)
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...
CVE-2026-25753
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...
CVE-2026-25753
PlaciPy (educational placement system) v1.0.0 has a hard-coded, static default password for all newly created student accounts, enabling mass account takeover. The vulnerability, described across multiple sources (NVD, Red Hat, CVE lists, OSV, ENISA, Attackerkb), states that any attacker who know...
CVE-2026-25753 PlaciPy has a Hard-Coded Default Password for All Student Accounts (Account Takeover)
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...
PT-2026-6779
Name of the Vulnerable Software and Affected Versions PlaciPy version 1.0.0 Description PlaciPy, a placement management system for educational institutions, uses a hard-coded, static default password for all newly created student accounts in version 1.0.0. This allows for mass account takeover,...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2018-12323
An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console...
CVE-2021-27440
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 all firmware versions prior to 02A04.1...
CVE-2022-38823
In TOTOLINK T6 V4.1.5cu.709B20210518, there is a hard coded password for root in /etc/shadow.sample...
CVE-2022-23402
The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...
CVE-2022-37841
In TOTOLINK A860R V4.1.2cu.5182B20201027 there is a hard coded password for root in /etc/shadow.sample...
CVE-2020-7590
A vulnerability has been identified in DCA Vantage Analyzer All versions V4.5 are affected by CVE-2020-7590. In addition, serial numbers 40000 running software V4.4.0 are also affected by CVE-2020-15797. Affected devices use a hard-coded password to protect the onboard database. This could allow ...