CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8068 matches found

Positive Technologies•added 2026/01/24 12:0 a.m.•7 views

PT-2026-4543

Name of the Vulnerable Software and Affected Versions Salesforce Marketing Cloud Engagement versions prior to January 21st, 2026 Description A hard-coded cryptographic key in the CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, and View As Webpage modules allows...

9.8CVSS5.8AI score0.00613EPSS

Exploits0References13

CNNVD•added 2026/01/24 12:0 a.m.•5 views

Salesforce Marketing Cloud Engagement security vulnerability

Salesforce Marketing Cloud Engagement is a digital marketing automation platform offered by the American company Salesforce. Versions of Salesforce Marketing Cloud Engagement prior to version 2026.1.21 contained security vulnerabilities, which were caused by hard-coded encryption keys. These...

9.8CVSS5.7AI score0.00613EPSS

Exploits0References2

RedhatCVE•added 2026/01/21 10:25 p.m.•6 views

CVE-2025-58744

Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from...

7.5CVSS5.3AI score0.0013EPSS

Exploits0References1

RedhatCVE•added 2026/01/21 10:24 p.m.•5 views

CVE-2025-58740

The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by reading the cryptographic key from the executable. This issue affects ImageDirector Capture: from...

8.5CVSS5.4AI score0.00065EPSS

Exploits0References1

RedhatCVE•added 2026/01/21 8:22 p.m.•5 views

CVE-2026-0622

Open 5GS WebUI uses a hard-coded JWT signing key change-me whenever the environment variable JWTSECRETKEY is unset...

6.5CVSS5.4AI score0.00408EPSS

Exploits0References1

RedhatCVE•added 2026/01/21 3:27 p.m.•11 views

CVE-2025-14115

IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...

8.4CVSS5.4AI score0.001EPSS

Exploits0References1

RedhatCVE•added 2026/01/21 6:33 a.m.•9 views

CVE-2026-1221

PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to the database using hardcoded database credentials stored in the firmware...

9.8CVSS5.5AI score0.00436EPSS

Exploits0References1

EUVD•added 2026/01/21 12:31 a.m.•4 views

EUVD-2025-206307

6.9CVSS5.3AI score0.0013EPSS

Exploits0References2

EUVD•added 2026/01/21 12:31 a.m.•3 views

EUVD-2025-206311

8.5CVSS5.4AI score0.00065EPSS

Exploits0References2

OSV•added 2026/01/20 10:15 p.m.•6 views

CVE-2025-58740

5.5CVSS5.8AI score

Exploits0References1

OSV•added 2026/01/20 10:15 p.m.•3 views

CVE-2025-58744

7.5CVSS5.8AI score0.0013EPSS

Exploits0References1

NVD•added 2026/01/20 10:15 p.m.•5 views

CVE-2025-58744

7.5CVSS0.0013EPSS

Exploits0References1

NVD•added 2026/01/20 10:15 p.m.•5 views

CVE-2025-58740

8.5CVSS0.00065EPSS

Exploits0References1

ATTACKERKB•added 2026/01/20 9:38 p.m.•2 views

CVE-2025-58744

7.5CVSS5.3AI score0.0013EPSS

Exploits0References2Affected Software1

CVE•added 2026/01/20 9:38 p.m.•10 views

CVE-2025-58744

Milner ImageDirector Capture (Windows) is affected by CVE-2025-58744 due to hard-coded credentials in C2SGlobalSettings.dll. The flaw allows decryption of document archive files using credentials embedded in the application encryption key, affecting versions 7.0.9.0 through 7.6.3.25808. Root caus...

7.5CVSS5.3AI score0.0013EPSS

Exploits0References1Affected Software1