8031 matches found
EUVD-2026-25693
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...
CVE-2026-7018
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...
PT-2026-35199
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the...
Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub
Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.3.1 Patch 3 Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected...
CVE-2026-35503
SenseLive X3050 vulnerable via its web management interface: authentication is performed client-side using hardcoded values in browser-executed scripts, enabling an attacker with access to the login page to retrieve exposed parameters and gain unauthorized administrative access. Base scores are C...
CVE-2026-35503 SenseLive X3050 Use of Hard-coded Credentials
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...
CVE-2026-35503 SenseLive X3050 Use of Hard-coded Credentials
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An attacker with access to the login page could retrieve these...
Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2024-29371, CVE-2025-14923)
Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2024-29371, CVE-2025-14923. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can...
Multiple vulnerabilities in silex technology SD-330AC and AMC Manager
Overview SD-330AC and AMC Manager provided by silex technology, Inc. contain multiple vulnerabilities listed below. Stack-based buffer overflow in processing the redirect URLs CWE-121 - CVE-2026-32955 Heap-based buffer overflow in processing the redirect URLs CWE-122 - CVE-2026-32956 Missing...
CVE-2026-6574
A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The...
EUVD-2026-23787
A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRETKEY results in use of hard-coded cryptographic key . Remote exploitation o...
CVE-2026-6611
A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRETKEY results in use of hard-coded cryptographic key . Remote exploitation o...
EUVD-2026-23783
A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...
EUVD-2026-23751
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update...
CVE-2026-6610
A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...
CVE-2026-6611
CVE-2026-6611 affects liangliangyy DjangoBlog up to 2.1.0.0. The issue resides in the File Upload Endpoint’s settings.py where manipulating the SECRET_KEY results in the use of a hard-coded cryptographic key. Remote exploitation is possible; the attack has high complexity and is labeled as exploi...
CVE-2026-6611
A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRETKEY results in use of hard-coded cryptographic key . Remote exploitation o...
CVE-2026-6611 liangliangyy DjangoBlog File Upload Endpoint settings.py hard-coded key
A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRETKEY results in use of hard-coded cryptographic key . Remote exploitation o...
CVE-2026-6610
A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...
CVE-2026-6610
The vulnerability CVE-2026-6610 affects the DjangoBlog project by liangliangyy, up to version 2.1.0.0. The issue resides in the Setting Handler, specifically in an unknown function within djangoblog/settings.py, where manipulation of USER/PASSWORD arguments leads to hard-coded credentials. Exploi...