Lucene search
K

323 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-14742

Malware in sbrugna...

7.5CVSS7.7AI score0.02362EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7207

Malware in sbrugna...

5.9CVSS6.6AI score0.01009EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26238

Malicious code in bioql PyPI...

8.4CVSS6.5AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-44733

Malicious code in bioql PyPI...

5.9CVSS6.1AI score0.01084EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52851

Malicious code in bioql PyPI...

7.6CVSS6.6AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-29916

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00324EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28328

Malicious code in bioql PyPI...

9.2CVSS6.6AI score0.00676EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-30502

Malicious code in bioql PyPI...

8.2CVSS6.7AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26161

Malicious code in bioql PyPI...

6.3CVSS4.8AI score0.00223EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/02 12:0 a.m.3 views

Poscube Assist 信任管理问题漏洞

Poscube Assist is a mobile reporting tool from Poscube Turkey. A trust management issue vulnerability exists in Poscube Assist version 10.02.2025 and earlier, which stems from bypassing authorization using hard-coded credentials and user control keys, which could lead to authentication bypass...

6.3CVSS6.8AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/30 11:4 p.m.11 views

CVE-2025-24525 Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key

Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available ...

8.7CVSS0.00242EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.4 views

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which stems from hard-coded private keys and passwords and could lead to a man-in-the-middle or impersonation atta...

9.8CVSS6.6AI score0.00445EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.6 views

Ceragon EtherHaul series 操作系统命令注入漏洞

The Ceragon EtherHaul series is a point-to-point infinite link device from Ceragon USA. A security vulnerability exists in the Ceragon EtherHaul series versions 7.4.0 through 10.7.3 and earlier, which stems from the use of hard-coded static AES encryption keys by the rfpiped service, which could...

9.8CVSS7.5AI score0.00986EPSS
Exploits3References6
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.6 views

DJI Mavic 安全漏洞

DJI Mavic is a series of drones from the Chinese company DJI DJI. A security vulnerability exists in DJI Mavic that stems from the use of hard-coded keys in the component Telemetry Channel, which could lead to a local network attack...

5CVSS5.1AI score0.00226EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/08 12:0 a.m.6 views

Datart 安全漏洞

Datart is running-elephant's open source generation open platform for data visualization. A security vulnerability exists in Datart 1.0.0-rc3 and earlier versions, which stems from the use of hard-coded keys in the datart/security/src/main/java/datart/security/util/AESUtil.java file...

3.1CVSS4.3AI score0.00235EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/31 2:20 a.m.4 views

CVE-2025-9604

A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key . It is possible ...

6.3CVSS6.9AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/31 12:4 a.m.4 views

CVE-2025-56577

An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys...

8.4CVSS6.4AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2025/08/29 8:15 p.m.2 views

CVE-2025-56577

An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys...

8.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2025/08/29 8:15 p.m.3 views

CVE-2025-56577

An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys...

8.4CVSS0.00133EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/29 2:44 a.m.6 views

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the form of AuthSecretKey, StateSecretKey, and OAuthTokenSecretKey as defined in aes.go, which are used when generating the callback URL for OAuth authentication. Remediation Upgrade...

9.3CVSS7AI score0.00223EPSS
Exploits0References2
Rows per page
Query Builder