8068 matches found
CVE-2026-5189
CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...
Sonatype Nexus Repository Manager 安全漏洞
Sonatype Nexus Repository Manager NXRM is a repository manager developed by Sonatype, Inc., in the United States. It is primarily used for managing, storing, and distributing software. Versions of Sonatype Nexus Repository Manager from 3.0.0 to 3.70.5 have security vulnerabilities. These...
PT-2026-33132
CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitatio...
EUVD-2026-22339
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via...
EUVD-2026-22310
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...
CVE-2026-4832
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...
CVE-2026-39810
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...
CVE-2026-39810
CVE-2026-39810 describes a vulnerability in Fortinet FortiClientEMS 7.4.0–7.4.5 where a hard‑coded cryptographic key may lead to information disclosure. The affected component is FortiClient EMS, and the root cause is a hard-coded key compromising confidentiality (C>H/I>H). The document set...
CVE-2026-39810
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...
CVE-2026-39810
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...
CVE-2026-39810
A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...
CVE-2026-4832
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...
CVE-2026-4832
The CVE-2026-4832 entry describes CWE-798: Use of Hard-coded Credentials that could allow unauthorized access to sensitive device information when an unauthenticated attacker interrogates the SNMP port. The connected sources reiterate the same root cause and impact but do not specify affected pro...
CVE-2026-4832
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...
PT-2026-32689
CVE-2026-39810 A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting databas… https://t.co/v5ryBw0uAj...
PT-2026-32695
CVE-2026-4832 CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able… https://t.co/N2CPBzZjrp...
jq 安全漏洞
jq is a lightweight and flexible command-line JSON processor developed by jqlang. There is a security vulnerability in jq, which stems from the use of the MurmurHash3 algorithm that relies on hard-coded public seeds. This vulnerability could allow attackers to exploit the system by providing...
Schneider Electric多款产品 信任管理问题漏洞
Schneider Electric Easergy MiCOM Px40 Series is a series of power protection and control relay devices produced by Schneider Electric, a French company. Several products from Schneider Electric have vulnerabilities related to trust management. These vulnerabilities stem from the use of hard-coded...
MAL-2026-2823 Malicious code in @genoma-ui/components (npm)
Malicious package detected. It uses pre/post install scripts to download/execute code and exfiltrate user data via curl from a hardcoded IP. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5fb9acd5bf2a73c82be9ac19b7c0cad285cfea2a4b6ff69655f61e7e4a0c26c The...
EUVD-2026-20936
Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings. The remember-me cookie encryption key is set to default value in openmeetings.properties and not being auto-rotated. In case OM admin hasn't changed the default encryption key, an attacker who has stolen a cookie from a...