Lucene search
+L

1141 matches found

Positive Technologies
Positive Technologies
•added 2026/03/12 12:0 a.m.•7 views

PT-2026-24904

🚨 CVE-2025-59388 A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and...

9.8CVSS5.8AI score0.00474EPSS
Exploits0References9
EUVD
EUVD
•added 2026/03/11 9:31 p.m.•8 views

EUVD-2025-208601

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00445EPSS
Exploits0References4
NVD
NVD
•added 2026/03/11 9:16 p.m.•5 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

9.8CVSS0.00445EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/03/11 12:0 a.m.•4 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00445EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/03/11 12:0 a.m.•31 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

0.00445EPSS
Exploits0References3
Vulnrichment
Vulnrichment
•added 2026/03/11 12:0 a.m.•3 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00445EPSS
Exploits0References3
CVE
CVE
•added 2026/03/11 12:0 a.m.•13 views

CVE-2025-70041

Technical details are not publicly available in the provided documents for CVE-2025-70041; monitor for updates.

9.8CVSS5.8AI score0.00445EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2026/03/11 12:0 a.m.•9 views

PT-2026-24828

Name of the Vulnerable Software and Affected Versions oslabs-beta ThermaKube master affected versions not specified Description The software contains a hard-coded password. This relates to CWE-259, which involves the use of passwords directly embedded within the code. Recommendations At the momen...

9.8CVSS5.8AI score0.00445EPSS
Exploits0References7
Vulnrichment
Vulnrichment
•added 2026/02/06 6:57 p.m.•5 views

CVE-2026-25753 PlaciPy has a Hard-Coded Default Password for All Student Accounts (Account Takeover)

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...

9.3CVSS5.5AI score0.00356EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
•added 2026/02/06 6:57 p.m.•6 views

CVE-2026-25753

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...

9.3CVSS5.4AI score0.00356EPSS
Exploits0References2Affected Software1
CVE
CVE
•added 2026/02/06 6:57 p.m.•20 views

CVE-2026-25753

PlaciPy (educational placement system) v1.0.0 has a hard-coded, static default password for all newly created student accounts, enabling mass account takeover. The vulnerability, described across multiple sources (NVD, Red Hat, CVE lists, OSV, ENISA, Attackerkb), states that any attacker who know...

9.8CVSS5.4AI score0.00356EPSS
Exploits0References1Affected Software1
OSV
OSV
•added 2026/02/06 6:57 p.m.•6 views

CVE-2026-25753 PlaciPy has a Hard-Coded Default Password for All Student Accounts (Account Takeover)

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the...

9.3CVSS5.4AI score0.00356EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2026/02/06 12:0 a.m.•11 views

PT-2026-6779

Name of the Vulnerable Software and Affected Versions PlaciPy version 1.0.0 Description PlaciPy, a placement management system for educational institutions, uses a hard-coded, static default password for all newly created student accounts in version 1.0.0. This allows for mass account takeover,...

9.8CVSS5.4AI score0.00356EPSS
Exploits0References8
NVD
NVD
•added 2026/01/26 10:16 a.m.•6 views

CVE-2025-59096

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

4.6CVSS0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/01/09 12:26 p.m.•11 views

CVE-2018-12323

An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded for the root and admin accounts, which makes it easier for physically proximate attackers to login at the console...

7.2CVSS7.2AI score0.0043EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/01/09 11:29 a.m.•10 views

CVE-2021-27440

The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 all firmware versions prior to 02A04.1...

9.8CVSS7.3AI score0.01351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/01/09 10:56 a.m.•9 views

CVE-2022-38823

In TOTOLINK T6 V4.1.5cu.709B20210518, there is a hard coded password for root in /etc/shadow.sample...

9.8CVSS7.2AI score0.00951EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2026/01/09 10:54 a.m.•12 views

CVE-2022-23402

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

9.8CVSS7.1AI score0.00981EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/01/09 10:50 a.m.•13 views

CVE-2022-37841

In TOTOLINK A860R V4.1.2cu.5182B20201027 there is a hard coded password for root in /etc/shadow.sample...

7.5CVSS7.2AI score0.00594EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/01/09 9:59 a.m.•6 views

CVE-2020-7590

A vulnerability has been identified in DCA Vantage Analyzer All versions V4.5 are affected by CVE-2020-7590. In addition, serial numbers 40000 running software V4.4.0 are also affected by CVE-2020-15797. Affected devices use a hard-coded password to protect the onboard database. This could allow ...

7.2CVSS6.2AI score0.00384EPSS
Exploits0References1
Rows per page
Query Builder