Lucene search
K

323 matches found

NCSC
NCSC
added 2025/06/12 11:8 a.m.8 views

Vulnerabilities fixed in Ivanti Workspace Control

Ivanti has fixed vulnerabilities in Ivanti Workspace Control Specifically for versions prior to 10.19.10.0. The vulnerabilities are in the hard-coded keys within Ivanti Workspace Control, specifically in versions prior to 10.19.10.0. These vulnerabilities allow local, authenticated attackers to...

8.8CVSS7.4AI score0.00352EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.6 views

Project AI 信任管理问题漏洞

Project AI is a platform by Aryan Singh Personal Developer designed to simplify the creation of AI agents using Google AI Studio. Project AI has a trust management issue vulnerability that stems from the presence of hard-coded API keys in the code...

6.9CVSS6.6AI score0.00478EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 2:12 p.m.16 views

CVE-2025-48417

The certificate and private key used for providing transport layer security for connections to the web interface TCP port 443 is hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...

6.5CVSS7.1AI score0.00197EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:26 p.m.8 views

CVE-2022-41540

The web app client of TP-Link AX10v1 V1211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attac...

5.9CVSS6.7AI score0.01084EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:46 p.m.10 views

CVE-2020-14099

On Xiaomi router AX1800 rom version 1.0.336 and RM1800 root version 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password...

7.5CVSS6.6AI score0.006EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:48 a.m.20 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys...

6.5CVSS7AI score0.00666EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/21 12:0 a.m.8 views

CVE-2024-56429

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key found in iLabClient.jar for local users to read or write to the database...

7.7CVSS6.7AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.4 views

ConnectWise Risk Assessment 安全漏洞

ConnectWise Risk Assessment is a cybersecurity risk assessment tool from ConnectWise that identifies vulnerabilities, compliance gaps, and provides remediation recommendations in enterprise IT environments to help MSPs and organizations achieve proactive risk management. ConnectWise Risk Assessme...

6CVSS6.5AI score0.0009EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/03 12:0 a.m.5 views

Mojolicious 安全漏洞

Mojolicious is Mojolicious open source Perl-based real-time web framework. A security vulnerability exists in Mojolicious 9.39 and earlier versions, which stems from the use of hard-coded strings or application class names as HMAC session keys, which could lead to session forgery...

8.1CVSS6.3AI score0.00459EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/04/25 12:0 a.m.6 views

Korenix JetNet Use of Hard-Coded Cryptographic Key (CVE-2017-14021)

A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e,...

10CVSS8.4AI score0.01923EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/24 12:0 a.m.4 views

i-PRO Surveillance Cameras和i-PRO Recorders 安全漏洞

i-PRO Surveillance Cameras and i-PRO Recorders are both products of i-PRO Japan. i-PRO Surveillance Cameras are a line of surveillance cameras. i-PRO Recorders are a line of video recorders. A security vulnerability exists in i-PRO Surveillance Cameras and i-PRO Recorders that stems from the use ...

6.8CVSS5.2AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.4 views

OPEN BizRobo! 安全漏洞

OPEN BizRobo! is a business robot software from OPEN. A security vulnerability exists in OPEN BizRobo! that stems from the use of hard-coded encryption keys that may lead to credential disclosure...

3.7CVSS4.9AI score0.00215EPSS
Exploits0References7
NCSC
NCSC
added 2025/04/10 11:53 a.m.8 views

Vulnerability fixed in Gladinet CentreStack

Gladinet has fixed a vulnerability in CentreStack Versions up to 16.1.10296.56315. The vulnerability is in the way hard-coded machineKeys and cryptographic keys are used, resulting in a serious deserialization vulnerability. The vulnerability allows a malicious party to generate rogue ViewState...

9.8CVSS7.6AI score0.93842EPSS
Exploits6References3
VulnCheck KEV
VulnCheck KEV
added 2025/04/04 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-30406

Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing...

9.8CVSS5.8AI score0.93842EPSS
Exploits6References1
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.4 views

FastCMS 安全漏洞

FastCMS is a content management system from FastCMS, Inc. A security vulnerability exists in FastCMS version 0.1.5 that stems from the use of hard-coded encryption keys by the JWT processing component...

8.1CVSS5.3AI score0.00427EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/03/17 12:0 a.m.6 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. Fortinet FortiSandbox suffers from a security vulnerability that stems from th...

8.2CVSS6.6AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/05 12:0 a.m.4 views

Vasion Print 信任管理问题漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. Vasion Print has a security vulnerability that stems from the presence of hard-coded AWS API keys...

9.8CVSS6.7AI score0.00832EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.2 views

DocuSnap 安全漏洞

DocuSnap is an app from DocuSnap that turns mobile devices into portable scanners. Used to scan, edit, store and share documents to PDF. A security vulnerability exists in DocuSnap 13.0.1440.24261 and earlier versions, which stems from the use of hard-coded encryption keys...

4.3CVSS6.7AI score0.00234EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.6 views

Q-Free MAXTIME Suite 安全漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. A security vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions, which stems from the use of hard-coded encryption keys in JWT signatures. An attacker could exploit the vulnerabilit...

8.8CVSS6.6AI score0.01131EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/11 12:0 a.m.4 views

Siemens APOGEE Series 加密问题漏洞

Siemens APOGEE Series is a family of building automation and control systems from Siemens, Germany. The Siemens APOGEE Series suffers from a cryptographic vulnerability that arises from the fact that the affected devices contain a weak encryption mechanism based on hard-coded keys. This could all...

8.7CVSS6.5AI score0.00195EPSS
Exploits0References1
Rows per page
Query Builder