Lucene search
K

323 matches found

CVE
CVE
added 2025/12/10 8:29 a.m.18 views

CVE-2025-13954

Summary: EZCast Pro II Admin UI (version 1.17478.146) exposes hard-coded cryptographic keys, allowing bypass of authorization checks and granting full admin UI access. Affected product/component: EZCast Pro II Admin UI. Root cause: hard-coded cryptographic keys in the Admin UI. Impact: unauthoriz...

9.3CVSS5.8AI score0.00162EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/12/10 8:29 a.m.5 views

CVE-2025-13954

Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...

9.3CVSS5.8AI score0.00162EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/10 8:29 a.m.3 views

CVE-2025-13954 Hard-coded cryptographic keys in EZCast Pro II Dongle

Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...

9.3CVSS5.8AI score0.00162EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/10 8:29 a.m.29 views

CVE-2025-13954 Hard-coded cryptographic keys in EZCast Pro II Dongle

Hard-coded cryptographic keys in Admin UI of EZCast Pro II before version 1.17478.177 allows attackers to bypass authorization checks and gain full access to the admin UI...

9.3CVSS0.00162EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50309

Name of the Vulnerable Software and Affected Versions EZCast Pro II version 1.17478.146 Description The Admin UI contains hard-coded cryptographic keys. This allows attackers to bypass authorization checks and gain full access to the admin UI. Recommendations Update to a newer version that does n...

9.3CVSS5.8AI score0.00162EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

goaway 安全漏洞

goaway is a DNS blackhole software by Hugo Personal Developer. A security vulnerability exists in versions prior to goaway 0.62.19, which stems from the use of hard-coded key signing JWT tokens, which could lead to authentication bypass...

8.8CVSS6.6AI score0.00495EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Advantech WISE-DeviceOn Server 安全漏洞

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a hard-coded encryption key vulnerability that can be exploited by an attacker to impersonate an arbitrary account...

10CVSS6.7AI score0.00604EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/03 12:0 a.m.4 views

Go Ldap Admin 安全漏洞

Go Ldap Admin is an openLDAP backend management project based on Go+Vue implementation organized by China opsre. A security vulnerability exists in Go Ldap Admin 20251011 and earlier versions, which originates from the use of hard-coded encryption keys by the JWT Handler component in the...

6.3CVSS5.6AI score0.00262EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.5 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from the firmware containing hard-coded keys that could lead to bypassing access...

8.6CVSS6.6AI score0.00125EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/29 12:0 a.m.4 views

motogadget mo.lock Ignition Lock 安全漏洞

The motogadget mo.lock Ignition Lock is an electronic ignition lock and anti-theft system for motorcycles from the German company motogadget. A security vulnerability exists in motogadget mo.lock Ignition Lock 20251125 and earlier versions, which stems from the use of hard-coded encryption keys b...

2CVSS3.9AI score0.00127EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/27 4:59 p.m.14 views

CVE-2025-64304

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...

5.1CVSS4.8AI score0.0011EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/27 12:0 a.m.4 views

Apache Syncope Trust Management Issues Vulnerability

Apache Syncope is the United States Apache Apache Foundation's set of open source digital identity management system for use in enterprise environments. The system supports identity management, role configuration and more. Apache Syncope has a trust management issue vulnerability that stems from...

7.5CVSS7AI score0.00448EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 5:16 a.m.6 views

CVE-2025-64304

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...

5.1CVSS0.0011EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/25 5:15 a.m.5 views

"FOD" App uses hard-coded cryptographic keys

Overview "FOD" App provided by Fuji Television Network, Inc. uses hard-coded cryptographic keys Use of hard-coded cryptographic key CWE-321 - CVE-2025-64304 The keys are used in the processing of JWT data. Impact The cryptographic keys may be retrieved. The developer considers that the impact is...

5.1CVSS4.7AI score0.0011EPSS
Exploits0References4
CVE
CVE
added 2025/11/25 4:27 a.m.14 views

CVE-2025-64304

The CVE-2025-64304 entry concerns the FujiTV/FOD mobile app, which reportedly hard-codes cryptographic keys (CWE-321). A local, unauthenticated attacker may retrieve these keys from the app, as described in multiple sources. Documented impact centers on disclosure of cryptographic keys; the provi...

5.1CVSS6.3AI score0.0011EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/25 4:27 a.m.6 views

EUVD-2025-199539

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...

5.1CVSS6.2AI score0.0011EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/25 4:27 a.m.8 views

CVE-2025-64304

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...

5.1CVSS0.0011EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/25 4:27 a.m.4 views

CVE-2025-64304

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...

5.1CVSS6.3AI score0.0011EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.6 views

FujiTelevison FOD app 安全漏洞

FujiTelevison FOD app is an on-demand mobile app from FujiTelevison Japan. A security vulnerability exists in the FujiTelevison FOD app that stems from the use of hard-coded encryption keys, which could lead to a local attacker obtaining the keys...

5.1CVSS4.5AI score0.0011EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.8 views

PT-2025-47986

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to retrieve the cryptographic keys...

5.1CVSS6.8AI score0.0011EPSS
Exploits0References3
Rows per page
Query Builder