Lucene search
K

8076 matches found

The Hacker News
The Hacker News
added 2022/07/29 3:19 a.m.75 views

Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation

A week after Atlassian rolled out patches to contain a critical flaw in its Questions For Confluence app for Confluence Server and Confluence Data Center, the shortcoming has now come under active exploitation in the wild. The bug in question is CVE-2022-26138, which concerns the use of a...

1AI score0.9817EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalog
added 2022/07/29 12:0 a.m.27 views

Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability

Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group...

9.8CVSS4.7AI score0.9817EPSS
In wildExploits1
NVD
NVD
added 2022/07/28 4:15 p.m.11 views

CVE-2022-30314

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

4.6CVSS0.00256EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/28 4:15 p.m.2 views

CVE-2022-30314

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References3
Prion
Prion
added 2022/07/28 4:15 p.m.20 views

Hardcoded credentials

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

2.1CVSS5.8AI score0.00256EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/28 3:41 p.m.25 views

CVE-2022-30314

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

6.1AI score0.00256EPSS
Exploits0References2
CVE
CVE
added 2022/07/28 3:41 p.m.71 views

CVE-2022-30314

CVE-2022-30314 affects Honeywell Experion PKS Safety Manager 5.02. The vulnerability arises from hard-coded credentials used to access the POLO bootloader, which is exposed via the DCOM-232/485 serial interface used for firmware management. An attacker with physical or gateway-access to the seria...

4.6CVSS5.7AI score0.00256EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/28 2:19 p.m.7 views

CVE-2021-22644 Ovarro TBox Use of Hard-coded Cryptographic Key

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key...

7.5CVSS9.5AI score0.00657EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/28 2:19 p.m.21 views

CVE-2021-22644 Ovarro TBox Use of Hard-coded Cryptographic Key

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key...

7.5CVSS9.6AI score0.00657EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/07/28 12:14 a.m.1 views

"Hulu" App for Android uses a hard-coded API key for an external service

Overview "Hulu" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service CWE-798. Ryo Sato of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact T...

7.5CVSS6.8AI score0.00575EPSS
Exploits0References5
OSV
OSV
added 2022/07/27 9:15 p.m.4 views

CVE-2022-36952

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10...

9.8CVSS5.8AI score0.00439EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/27 9:15 p.m.3 views

CVE-2022-36952

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10...

9.8CVSS5.8AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2022/07/27 9:15 p.m.15 views

CVE-2022-36952

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10...

9.8CVSS0.00439EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/27 8:59 p.m.23 views

CVE-2022-36952

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the underlying VxSS subsystem. This affects 8.x through 8.3.0.2, 9.x through 9.0.0.1, 9.1.x through 9.1.0.1, and 10...

8.4CVSS9.5AI score0.00439EPSS
Exploits0References1
CVE
CVE
added 2022/07/27 8:59 p.m.80 views

CVE-2022-36952

CVE-2022-36952 affects Veritas NetBackup OpsCenter due to a hard-coded credential that can be used to exploit the VxSS subsystem. Affected versions are 8.x–8.3.0.2, 9.x–9.0.0.1, 9.1.x–9.1.0.1, and 10. The issue is documented across multiple sources (NVD/NIST, Red Hat advisory, and third-party CVE...

9.8CVSS9.2AI score0.00439EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/07/27 12:0 a.m.18 views

IBM Security Verify Information Queue Trust Management Issue Vulnerability

IBM Security Verify Information Queue is an integration product from IBM of America, Inc. IBM Security Verify Information Queue version 10.0.2 is vulnerable to a trust management issue stemming from its use of hard-coded credentials used for inbound authentication, outbound communication to...

2.7AI score0.00556EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.3 views

HJ Holdings Hulu 信任管理问题漏洞

HJ Holdings Hulu is an anime player from the Japanese company HJ Holdings. HJ Holdings Hulu is vulnerable to a trust management issue vulnerability that arises from the use of hard-coded API keys in the sequence to external services. A remote attacker could exploit the vulnerability to access...

7.5CVSS6.1AI score0.00575EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.4 views

Veritas NetBackup 信任管理问题漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...

9.8CVSS8.2AI score0.00439EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/07/27 12:0 a.m.39 views

JVN#40907489: "Hulu / フールー" App for Android uses a hard-coded API key for an external service

"Hulu / フールー" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service CWE-798. Impact The hard-coded API key may be retrieved via reverse-engineering the application binary. Note that the application users are not directly affected by this vulnerability...

7.5CVSS7.5AI score0.00575EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/07/27 12:0 a.m.5 views

PT-2022-23699 · Veritas · Veritas Netbackup Opscenter

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup OpsCenter versions 8.x through 8.3.0.2 Veritas NetBackup OpsCenter versions 9.x through 9.0.0.1 Veritas NetBackup OpsCenter versions 9.1.x through 9.1.0.1 Veritas NetBackup OpsCenter version 10 Description: A hard-coded...

9.8CVSS9.3AI score0.00439EPSS
Exploits0References3
Rows per page
Query Builder