Lucene search
K

8071 matches found

CNNVD
CNNVD
added 2022/01/26 12:0 a.m.6 views

Reolink RLC-410W 信任管理问题漏洞

Reolink Rlc-410W is a Wifi security camera from Reolink China.A security vulnerability exists in the TLS hard-coded key of Reolink RLC-410W v3.0.0.13620121102, which can be exploited by attackers to obtain sensitive information...

7.5CVSS5.5AI score0.0089EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.4 views

Bromite 安全漏洞

Bromite is a Chromium fork. It is used for adblocking and privacy enhancement. Bromite has a security vulnerability that stems from the fact that Bromite comes with a hard-coded adblock filter, with versions recognized by the rules it has...

5.3CVSS5.7AI score0.00858EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.4 views

ADOdb 授权问题漏洞

ADOdb is a PHP database library that provides a powerful abstraction for performing queries and managing databases. A security vulnerability exists in ADOdb that stems from the lack of an effective trust management mechanism in a networked system or product. An attacker can leverage default or...

9.1CVSS8.2AI score0.0217EPSS
Exploits1References10
CNVD
CNVD
added 2022/01/24 12:0 a.m.16 views

MingSoft Mcms Trust Management Issue Vulnerability

MingSoft Mcms is a complete open source J2ee system from MingSoft, China. v5.2.4 of MingSoft Mcms contains a security vulnerability that stems from the existence of a hard-coded shiro-key in the software, which can be exploited by attackers to execute arbitrary code...

9.8CVSS5.2AI score0.025EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/01/21 6:17 p.m.6 views

CVE-2021-44464 Fresenius Kabi Agilia Connect Infusion System hard coded credentials

Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...

6.3CVSS8.9AI score0.0064EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/21 12:0 a.m.5 views

MingSoft Mcms 信任管理问题漏洞

MingSoft Mcms is a complete open source J2ee system from MingSoft, China. v5.2.4 of MingSoft Mcms contains a security vulnerability that stems from the existence of a hard-coded shiro-key in the software, which can be exploited by attackers to execute arbitrary code...

9.8CVSS6AI score0.025EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/01/17 10:15 a.m.9 views

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

3.3CVSS5.4AI score0.00203EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/01/17 10:15 a.m.6 views

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

3.3CVSS5.8AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2022/01/17 10:15 a.m.21 views

CVE-2022-0131

Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

3.3CVSS0.00203EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/17 12:0 a.m.21 views

NETGEAR XR1000 Trust Management Issue Vulnerability

The NETGEAR xr1000 is a router from Netgear, Inc. A hardware device that connects two or more networks and acts as a gateway between networks, the NETGEAR XR1000 device suffers from a security vulnerability that stems from the fact that NETGEAR XR1000 devices prior to 1.0.0.58 are subject to...

8.8CVSS2.9AI score0.0085EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/16 12:0 a.m.21 views

Schneider Electric Easergy P5 Trust Management Issue Vulnerability

The Schneider Electric Easergy P5 is a protective relay for demanding medium voltage applications from Schneider Electric, France. The Schneider Electric Easergy P5 is vulnerable to a trust management issue, which exists due to the presence of hard-coded credentials in the application code. An...

7.5CVSS7.6AI score0.02371EPSS
Exploits0References1
NVD
NVD
added 2022/01/14 5:15 a.m.10 views

CVE-2022-22056

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...

10CVSS0.02259EPSS
Exploits0References1
OSV
OSV
added 2022/01/14 5:15 a.m.5 views

CVE-2022-22056

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...

9.8CVSS7.3AI score0.02259EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/14 4:50 a.m.12 views

CVE-2022-22056 Le-yan Co., Ltd. dental management system - Hard-coded Credentials

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...

9.8CVSS9.7AI score0.02259EPSS
Exploits0References1
CVE
CVE
added 2022/01/14 4:50 a.m.94 views

CVE-2022-22056

Affected product: Le-Yan Dental Management System (Le-Yan, China). Vulnerability type: hard-coded credentials in the web page source, leading to an unauthenticated remote attacker gaining administrator privileges and potentially taking control or disrupting services. Root cause: credential hard-c...

10CVSS9.6AI score0.02259EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/14 4:36 a.m.5 views

CVE-2022-22056

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...

10CVSS7.3AI score0.02259EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/01/14 12:0 a.m.48 views

Fortinet FortiOS Hard-Coded Cryptographic Key (FG-IR-21-051)

The remote host is running a version of FortiOS prior to 5.6.13, 6.0.x prior or equal to 6.0.12, 6.2.x prior or equal to 6.2.8, or 6.4.x prior or equal to 6.4.5, FortiOS-6K7K version prior to 6.2.6 and 6.4.2. It is, therefore, affected by a hard-coded cryptographic key vulnerability in FortiOS...

7.5CVSS7.3AI score0.01042EPSS
Exploits0References2
CNVD
CNVD
added 2022/01/13 12:0 a.m.16 views

TIBCO FTL Trust Management Issue Vulnerability

Tibco Ftl is an application-to-application messaging system from Tibco USA, Inc. Designed for low latency and high performance, TIBCO FTL suffers from a trust management issue vulnerability that stems from hard-coded secrets used in the default domain server, which can be exploited by attackers t...

9.3CVSS3.1AI score0.00854EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/01/12 6:37 a.m.5 views

Jimoty App for Android uses a hard-coded API key for an external service

Overview Jimoty App for Android provided by Jimoty, Inc. uses a hard-coded API key for an external service CWE-798. Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact API key for...

4CVSS6.5AI score0.00203EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.4 views

Jimoty 信任管理问题漏洞

Jimoty is a Web site of Jimoty Japan, Inc. It is used to provide help, information dissemination and other services to local people. Jimoty App for Android is vulnerable to a trust management issue, which exists due to hard-coded credentials in the application code. A local attacker could exploit...

3.3CVSS5.1AI score0.00203EPSS
Exploits0References4
Rows per page
Query Builder