3819 matches found
CVE-2026-21404
NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...
EUVD-2026-34321
NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...
CVE-2026-21404 NAVTOR NavBox Use of Hard-coded Credentials
NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...
CVE-2026-21404 NAVTOR NavBox Use of Hard-coded Credentials
NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...
CVE-2026-49204 Hard-coded AWS Cognito Testing Accounts
Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation...
CVE-2026-49204
Technical details about CVE-2026-49204 are not publicly available in the provided documents; monitor for updates.
CVE-2026-49204 Hard-coded AWS Cognito Testing Accounts
Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation...
CVE-2026-49187
CVE-2026-49187 concerns hard-coded APK resource files that never expire and a shared scepter that can lead to information leaks and potential misuse. According to the entry, exploitation is network-based with low attack complexity and no privileges required, causing high confidentiality impact (t...
CVE-2026-49187 Hard-coded APK Resource Credentials & Scepters
The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...
CVE-2026-49187 Hard-coded APK Resource Credentials & Scepters
The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...
EUVD-2026-34184
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
EUVD-2026-34183
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
Navtor NavBox 信任管理问题漏洞
NAVTOR NavBox is a shipping information system device developed by the Norwegian company Navtor, used for electronic nautical chart management and navigation data synchronization on ships. Versions of NAVTOR NavBox prior to 4.16.1.20 contained a trust management vulnerability. This vulnerability...
PT-2026-46316
Name of the Vulnerable Software and Affected Versions NAVTOR NavBox versions prior to 4.16.1.21 Description The software contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. When SOAP functionality is enabled, a local attacker can extract these...
CVE-2026-22054
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations...
CVE-2026-22055
The CVE concerns Active IQ OneCollect 2.7.3, where hard-coded credentials could allow an authenticated user with LOW privileges to perform unauthorized AutoSupport operations. Root cause: hard-coded credentials. Impact: unauthorized AutoSupport actions with low privileges. The provided documents ...