323 matches found
EUVD-2019-14742
Malware in sbrugna...
EUVD-2015-7207
Malware in sbrugna...
EUVD-2025-26238
Malicious code in bioql PyPI...
EUVD-2022-44733
Malicious code in bioql PyPI...
EUVD-2024-52851
Malicious code in bioql PyPI...
EUVD-2022-29916
Malicious code in bioql PyPI...
EUVD-2024-28328
Malicious code in bioql PyPI...
EUVD-2021-30502
Malicious code in bioql PyPI...
EUVD-2025-26161
Malicious code in bioql PyPI...
Poscube Assist 信任管理问题漏洞
Poscube Assist is a mobile reporting tool from Poscube Turkey. A trust management issue vulnerability exists in Poscube Assist version 10.02.2025 and earlier, which stems from bypassing authorization using hard-coded credentials and user control keys, which could lead to authentication bypass...
CVE-2025-24525 Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key
Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available ...
Vasion Print Virtual Appliance Host 安全漏洞
Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which stems from hard-coded private keys and passwords and could lead to a man-in-the-middle or impersonation atta...
Ceragon EtherHaul series 操作系统命令注入漏洞
The Ceragon EtherHaul series is a point-to-point infinite link device from Ceragon USA. A security vulnerability exists in the Ceragon EtherHaul series versions 7.4.0 through 10.7.3 and earlier, which stems from the use of hard-coded static AES encryption keys by the rfpiped service, which could...
DJI Mavic 安全漏洞
DJI Mavic is a series of drones from the Chinese company DJI DJI. A security vulnerability exists in DJI Mavic that stems from the use of hard-coded keys in the component Telemetry Channel, which could lead to a local network attack...
Datart 安全漏洞
Datart is running-elephant's open source generation open platform for data visualization. A security vulnerability exists in Datart 1.0.0-rc3 and earlier versions, which stems from the use of hard-coded keys in the datart/security/src/main/java/datart/security/util/AESUtil.java file...
CVE-2025-9604
A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key . It is possible ...
CVE-2025-56577
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys...
CVE-2025-56577
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys...
CVE-2025-56577
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the form of AuthSecretKey, StateSecretKey, and OAuthTokenSecretKey as defined in aes.go, which are used when generating the callback URL for OAuth authentication. Remediation Upgrade...