8070 matches found
CVE-2021-44207
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials...
CVE-2021-44207
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials...
CVE-2021-44207
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials...
CVE-2021-44207
CVE-2021-44207 affects Acclaim USAHERDS (version 7.4.0.1 and earlier) due to hard-coded credentials, enabling potential unauthorized access and remote code execution as described by multiple sources. Public docs confirm the issue center is use of hard-coded credentials in USAHERDS, with CVSS metr...
CVE-2021-44207
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials...
CVE-2021-43587
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges...
Acclaim USAHERDS 信任管理问题漏洞
Acclaim Systems Acclaim Usaherds is an Animal Health Emergency Reporting Diagnostic System from Acclaim Systems USA. A security vulnerability exists in Acclaim USAHERDS version 7.4.0.1 and prior versions that stems from the presence of hard-coded credentials in the program...
CVE-2021-44207
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2021-24065
Name of the Vulnerable Software and Affected Versions: Acclaim USAHERDS versions 7.4.0.1 and earlier Description: The issue concerns the use of hard-coded credentials in Acclaim USAHERDS, allowing attackers to bypass authentication and gain unauthorized access to sensitive systems and data. This...
Fresenius Kabi Agilia Connect Infusion System (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Fresenius Kabi Equipment: Agilia Connect Infusion System Vulnerabilities: Uncontrolled Resource Consumption, Use of a Broken or Risky Cryptographic Algorithm, Insufficiently Protected Credentials,...
CVE-2021-41028
A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...
CVE-2021-41028
A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...
CVE-2021-41028
A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...
CVE-2021-41028
CVE-2021-41028 affects Fortinet FortiClient EMS up to 7.0.1 (and 6.4.6 and below) and FortiClient components for Windows, Linux, and macOS up to 7.0.1 and 6.4.6 and below. The root causes are a hard-coded cryptographic key in FortiClientEMS and improper certificate validation in FortiClient clien...
Xylem AquaView 信任管理问题漏洞
Xylem AquaView is a next-generation SCADA system from Xylem USA, Inc. to meet the needs of water and wastewater related professionals for a simpler, more personalized way to be able to monitor, control, and optimize their assets anytime, anywhere, from any device. A trust management issue...
Xylem AquaView
1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Low attack complexity Vendor: Xylem, Inc. Equipment: AquaView Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated local attacker to create users, delete users,...
Dell PowerPath Management Appliance安全漏洞
The DELL Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A security vulnerability exists in the Dell PowerPath Management Appliance, which can be exploited ...
Inclusion of Sensitive Information in Source Code in pimcore/demo
Description API Keys is hard coded in the application source code. The use of a hard-coded API Key has many negative implications. Proof of Concept "security" = "method" = "datahubapikey", "apikey" = "6332aa5e6d3d6c0be31da2a8b3442113", "skipPermissionCheck" = FALSE...
Fortinet FortiOS Trust Management Issue Vulnerability (CNVD-2021-100290)
Fortinet FortiOS is a security operating system from Fortinet, Inc. that is designed to be used on the FortiGate network security platform. A security vulnerability exists in Fortinet FortiOS, which stems from the use of hard-coded encryption keys that could allow an attacker to retrieve the keys...
CVE-2021-26108
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by reverse engineering...