3819 matches found
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
Hardcoded credentials
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2024-23453
Android Spoon app (versions 7.11.1–8.6.0) contains a hard-coded API key that can be retrieved by reverse-engineering the binary, enabling unauthorized access to an external service. Root cause: embedded credentials in the mobile app. Impact: local attacker could obtain the API key; impact consist...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
PT-2024-19877 · Unknown · Android Spoon
Name of the Vulnerable Software and Affected Versions: Android Spoon application versions 7.11.1 through 8.6.0 Description: The issue concerns the use of hard-coded credentials in the application, which could allow a local attacker to retrieve a hard-coded API key by reverse-engineering the...
GHSA-9RHQ-86FM-QXQC Duplicate Advisory: Hard-coded credentials in org.folio:mod-data-export-spring
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vf78-3q9f-92g3. This link is maintained to preserve external references. Original Description Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows...
CVE-2024-23687
Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...
CVE-2024-23687
Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...
Duplicate Advisory: Hard-coded credentials in org.folio:mod-remote-storage
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m8v7-469p-5x89. This link is maintained to preserve external references. Original Description Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users t...
GHSA-HV5G-Q4H3-64Q4 Duplicate Advisory: Hard-coded credentials in org.folio:mod-remote-storage
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m8v7-469p-5x89. This link is maintained to preserve external references. Original Description Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users t...
CVE-2024-23687 FOLIO mod-data-export-spring Hard-Coded Credentials
Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...
CVE-2024-23687
CVE-2024-23687 affects the FOLIO module-data-export-spring. The issue arises from hard-coded credentials in the module, allowing unauthenticated access to critical APIs and enabling modification of user data, configurations (including single sign-on), and fees/fines. Affected versions are before ...
CVE-2024-23687 FOLIO mod-data-export-spring Hard-Coded Credentials
Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines...
CVE-2024-23685
Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...
Hardcoded credentials
Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...
CVE-2024-23685 FOLIO mod-remote-storage Hard Coded Credentials
Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...
CVE-2024-23685
CVE-2024-23685 affects the Folio project’s mod-remote-storage, with hard-coded credentials in versions before 1.7.2 and 2.0.0–2.0.3. The root cause allows unauthorized readers to access mod-inventory-storage records (instances, holdings, items, contributor-types, identifier-types). The Red Hat an...
CVE-2024-23685 FOLIO mod-remote-storage Hard Coded Credentials
Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types...