
36 matches found

RedhatCVE
added 2026/01/27 3:23 p.m., 2 views

CVE-2025-59095

The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...

CVSS: 6.8, AI score: 5.9, EPSS: 0.00014
Exploits: 0, References: 1

ATTACKERKB
added 2026/01/26 10:4 a.m., 2 views

CVE-2025-59095

The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...

CVSS: 6.8, AI score: 5.9, EPSS: 0.00014
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2026/01/26 10:4 a.m., 5 views

CVE-2025-59095

CVE-2025-59095 affects dormakaba Kaba exos 9300 software. Public descriptions in multiple sources indicate that DLLs/binaries (notably Kaba.EXOS.common.dll) use a hard-coded, static cryptoKey with a simple XOR-based encrypt/decrypt routine to process user PINs before storing them in MSSQL. The ro...

CVSS: 6.8, AI score: 5.9, EPSS: 0.00014
Exploits: 0, References: 3

RedhatCVE
added 2026/01/09 12:36 p.m., 2 views

CVE-2023-49113

The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format. In some cases, this can potentially compromise the confidentiality of the scan results. Several credentials were found in the JAR files of the Kiuwan Local Analyzer. The JAR file...

CVSS: 7.8, AI score: 6.9, EPSS: 0.00031
Exploits: 1, References: 1

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-2773

Malicious code in bioql PyPI...

CVSS: 4.3, AI score: 4.9, EPSS: 0.05319
Exploits: 0, References: 45

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-36720

Malicious code in bioql PyPI...

CVSS: 6.4, AI score: 5.8, EPSS: 0.00048
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-40567

Malicious code in bioql PyPI...

CVSS: 7.8, AI score: 7.6, EPSS: 0.00035
Exploits: 1, References: 2

Malwarebytes
added 2025/03/14 3:29 p.m., 14 views

Research on iOS apps shows widespread exposure of secrets

Researchers found that most of the apps available on Apple’s App Store leak at least one hard-coded secret. The researchers looked at 156,000 iOS apps and discovered more than 815,000 hardcoded secrets, including very sensitive secrets like keys to cloud storage, various Application Programming...

AI score: 7.3
Exploits: 0

CNVD
added 2024/08/23 12:0 a.m., 3 views

Apache Helix Trust Management Issues Vulnerability

Apache Helix is a general-purpose cluster management framework from the U.S. Apache Foundation, used to automate the management of partitioning, replication and distributed resources hosted on a cluster of nodes. Apache Helix suffers from a trust management issue vulnerability that stems...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00478
Exploits: 0, References: 1

NVD
added 2024/06/20 1:15 p.m., 10 views

CVE-2023-49113

The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format. In some cases, this can potentially compromise the confidentiality of the scan results. Several credentials were found in the JAR files of the Kiuwan Local Analyzer. The JAR file...

CVSS: 7.8, EPSS: 0.00031
Exploits: 1, References: 3

Vulnrichment
added 2024/06/20 12:39 p.m., 12 views

CVE-2023-49113 Sensitive Data Stored Insecurely in Kiuwan SAST Local Analyzer

The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format. In some cases, this can potentially compromise the confidentiality of the scan results. Several credentials were found in the JAR files of the Kiuwan Local Analyzer. The JAR file...

AI score: 7, EPSS: 0.00031
Exploits: 1, References: 2

Cvelist
added 2024/06/20 12:39 p.m., 18 views

CVE-2023-49113 Sensitive Data Stored Insecurely in Kiuwan SAST Local Analyzer

The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format. In some cases, this can potentially compromise the confidentiality of the scan results. Several credentials were found in the JAR files of the Kiuwan Local Analyzer. The JAR file...

EPSS: 0.00031
Exploits: 1, References: 2

CVE
added 2024/06/20 12:39 p.m., 42 views

CVE-2023-49113

The CVE-2023-49113 issue concerns Kiuwan SAST and Kiuwan Local Analyzer (KLA). The vulnerability is a data leakage risk caused by hard-coded secrets found in JARs: InsightServicesConfig.properties contains insight.github.user and insight.github.password, and Encryptor.properties includes the encr...

CVSS: 7.8, AI score: 7.7, EPSS: 0.00031
Exploits: 1, References: 3

Positive Technologies
added 2024/06/20 12:0 a.m., 1 views

PT-2024-13679 · Github · Github

Name of the Vulnerable Software and Affected Versions:
Kiuwan SAST: versions prior to the fixed version
Kiuwan Local Analyzer KLA: affected versions not specified
Description: The Kiuwan Local Analyzer KLA Java scanning application contains several hard-coded secrets in plain text format,...

CVSS: 7.8, AI score: 7, EPSS: 0.00031
Exploits: 1, References: 4

CNNVD
added 2024/01/12 12:0 a.m., 1 views

Škoda Modular Infotainment Platform 3 Trust Management Issues Vulnerability

Škoda Modular Infotainment Platform 3 MIB3 is a modular infotainment platform from the Czech company Škoda. A security vulnerability exists in the Škoda Modular Infotainment Platform 3 MIB3 infotainment that stems from the use of hard-coded secret values...

CVSS: 9.8, AI score: 6.8, EPSS: 0.00054
Exploits: 0, References: 2

OSV
added 2023/07/20 2:15 p.m., 0 views

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

CVSS: 5.5, AI score: 5.8
Exploits: 0, References: 1

NVD
added 2023/07/20 2:15 p.m., 6 views

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

CVSS: 6.4, AI score: 6.4, EPSS: 0.00048
Exploits: 0, References: 1

Prion
added 2023/07/20 2:15 p.m., 9 views

Hardcoded credentials

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

CVSS: 1.7, AI score: 5.6, EPSS: 0.00048
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2023/07/20 1:0 p.m., 42 views

CVE-2023-32476

Dell Hybrid Client v2.0 has a local‑access vulnerability where an unauthenticated attacker can read hard-coded secrets from JavaScript files, causing sensitive data exposure. Affected software: Dell Hybrid Client (version 2.0). Root cause: hard-coded secrets in JavaScript files. Impact: confident...

CVSS: 6.4, AI score: 5.5, EPSS: 0.00048
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2023/07/20 1:0 p.m., 12 views

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files...

CVSS: 6.4, AI score: 7, EPSS: 0.00048
Exploits: 0, References: 1