8066 matches found
CVE-2026-40636
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...
CVE-2026-40636
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...
CVE-2026-40636
Dell ECS (3.8.1.0–3.8.1.7) and Dell ObjectScale versions before 4.3.0.0 contain a hard-coded credential issue. An unauthenticated, locally-accessible attacker could potentially obtain filesystem access. CVSS 3.1 base score 9.8 (CRITICAL) indicates high impact on confidentiality, integrity, and av...
PT-2026-39588
Name of the Vulnerable Software and Affected Versions Dell ECS versions 3.8.1.0 through 3.8.1.7 Dell ObjectScale versions prior to 4.3.0.0 Description An issue involving the use of hard-coded credentials allows an unauthenticated attacker with local access to potentially gain filesystem access...
Dell ECS和Dell ObjectScale 信任管理问题漏洞
Dell ECS and Dell ObjectScale are both products of the American company Dell. Dell ECS is an scalable, manageable, and elastic enterprise-level object storage solution. Dell ObjectScale is an object storage platform. There were security management vulnerabilities in versions 3.8.1.0 to 3.8.1.7 of...
CVE-2026-8243
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...
CVE-2026-8243
The CVE-2026-8243 entry concerns Industrial Application Software IAS Canias ERP 8.03, affecting the JNLP Deployment Endpoint. The description indicates that manipulating this endpoint can lead to use of a hard-coded cryptographic key, with the attack potentially executable from a remote location....
CVE-2026-8243
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...
CVE-2026-8243 Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...
CVE-2026-8243 Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was...
PT-2026-39469
Name of the Vulnerable Software and Affected Versions IAS Canias ERP version 8.03 Description A remote attack can be performed against the JNLP Deployment Endpoint component. Manipulation of an unknown function within this component can lead to the use of a hard-coded cryptographic key, which is ...
CVE-2026-41930
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
AstrBot 安全漏洞
AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 3.5.15 of AstrBot contains a security vulnerability, which stems from the use of hard-coded private keys for signing JWTs...
Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063).
Summary Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these...
Yarbo 信任管理问题漏洞
Yarbo is a modular intelligent courtyard maintenance robot developed by the American company Yarbo. Version 2.3.9 of Yarbo contains a vulnerability related to trust management. This vulnerability stems from hard-coded administrator credentials, which could allow attackers who are aware of these...
CVE-2026-8032
A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMINKEY causes hard-coded credentials. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-41930
Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...
CVE-2026-8032 PicoTronica e-Clinic Healthcare System ECHS echs.js hard-coded credentials
A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMINKEY causes hard-coded credentials. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-8032 PicoTronica e-Clinic Healthcare System ECHS echs.js hard-coded credentials
A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMINKEY causes hard-coded credentials. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-8032
CVE-2026-8032 affects PicoTronica e-Clinic Healthcare System ECHS (v5.7). In echs.js (path: /cdemos/echs/priv/echs.js), an argument manipulation of ADMIN_KEY leads to hard-coded credentials exposed in the remote-access component. The issue enables remote exploitation with a published exploit; imp...