3819 matches found
Sage Group Sage 300 信任管理问题漏洞
Sage Group Sage 300 is a well-established closed-source Enterprise Resource Planning ERP solution from Sage Group, UK, designed to facilitate the management of an organization. A security vulnerability exists in Sage Group Sage 300 version 2022 and prior versions, which stems from the use of a se...
CVE-2022-41398
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with admin privileges and access sensitive information...
PT-2023-13978 · Apache +1 · Apache Solr +1
Name of the Vulnerable Software and Affected Versions: Sage 300 versions through 2022 Description: The optional Global Search feature for Sage 300 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with...
CVE-2022-41398
CVE-2022-41398 affects Sage 300 (through 2022) where the optional Global Search feature configures Apache Solr with hard-coded admin credentials. This enables login to the Solr dashboard with admin privileges and potential exposure of sensitive data. The Red Hat/Red flags and other records corrob...
Token Disclosure
@nuxtlabs/github-module is vulnerable to Token Disclosure. The vulnerability exists in the module.ts because it uses hard-coded credentials in the config file, which allows an attacker to gain sensitive information through the token in the public runtime config...
Siemens SICAM A8000 Use of Hard-Coded Credentials (CVE-2021-45033)
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses hard-cod...
@nuxtlabs/github-module made Use of Hard-coded Credentials
https://nuxt.com had a hardcoded GitHub token in the source code of the page. This token had access to multiple repositories under nuxt, nuxtlabs and nuxt-themes GitHub organizations. A patch in version 1.6.2 fixed the issue...
Hardcoded credentials
Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...
CVE-2023-2138 Use of Hard-coded Credentials in nuxtlabs/github-module
Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...
CVE-2023-2138 Use of Hard-coded Credentials in nuxtlabs/github-module
Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...
CVE-2023-2138
CVE-2023-2138 affects nuxtlabs/github-module prior to version 1.6.2. The root cause is a hard-coded GitHub token embedded in the module’s source, which granted access to multiple Nuxt-related GitHub repositories. The issue is described consistently across multiple sources (including Red Hat, GitH...
github-module 信任管理问题漏洞
github-module is a GitHub integration for Nuxt. A trust management issue vulnerability exists in nuxtlabs github-module versions prior to 1.6.2, which stems from the use of hard-coded credentials...
PT-2023-18155 · Nuxtlabs · Nuxtlabs/Github-Module
Name of the Vulnerable Software and Affected Versions: nuxtlabs/github-module versions prior to 1.6.2 Description: The issue involves the use of hard-coded credentials in the GitHub repository nuxtlabs/github-module. A hardcoded GitHub token was found in the source code, which had access to...
CVE-2023-2138 Use of Hard-coded Credentials in nuxtlabs/github-module
Use of Hard-coded Credentials in GitHub repository nuxtlabs/github-module prior to 1.6.2...
Electra Central AC unit 信任管理问题漏洞
The Electra Central AC unit is an Electra Central AC unit from Electra. A security vulnerability exists in the Electra Central AC unit that stems from the use of unspecified code that contains hard-coded credentials...
PT-2023-2753 · Fortinet · Fortinac-F +1
Name of the Vulnerable Software and Affected Versions: FortiNAC-F version 7.2.0 FortiNAC versions 9.4.2 and below FortiNAC versions 9.2 and earlier FortiNAC versions 8.8 and earlier FortiNAC versions 8.7 and earlier Description: A use of hard-coded credentials issue may allow an authenticated...
Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability
Talos Vulnerability Report TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability April 13, 2023 CVE Number CVE-2023-0896 SUMMARY A hard-coded password vulnerability exists in the SSH, telnet functionality of Lenovo Group Ltd. Smart Clock Essential 4.9.113. ...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-22429
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials API key for an external service, which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary...