CVE-2019-10990

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files...

CVE-2019-10990

CVE-2019-10990 affects Red Lion Controls Crimson: versions 3.0 and earlier, and 3.1 prior to release 3112.00 use a hard-coded password to encrypt protected files in transit and at rest, potentially exposing configuration files. This is documented in multiple sources (including Red Lion advisories...

CVE-2019-10990

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files...

Schneider Electric APC UPS Network Management Card 2 Trust Management Issues Vulnerability

The Schneider Electric APC UPS Network Management Card 2 is a network management card from Schneider Electric France. A vulnerability with trust management issues exists in the Schneider Electric APC UPS Network Management Card 2 AOS v6.5.6 release. The vulnerability stems from the lack of an...

Philips IntelliVue WLAN

1. EXECUTIVE SUMMARY CVSS v3 6.4 Vendor: Philips Equipment: IntelliVue M3002A X2 MMS Transport Monitor/Module and IntelliVue MP monitors MP2/X2, MP5, MP20-MP90, MX600, MX700 and MX800 Vulnerabilities: Use of Hard-coded Password, Download of Code Without Integrity Check 2. RISK EVALUATION...

IMAPFilter Trust Management Issues Vulnerability

IMAPFilter is an IMAP mail filtering utility. A trust management issue vulnerability exists in IMAPFilter 2.6.12 and earlier versions, which arises from the lack of an effective trust management mechanism in a networked system or product, and can be exploited by an attacker to attack affected...

PT-2019-12124 · Red Lion Controls · Crimson

Name of the Vulnerable Software and Affected Versions: Red Lion Controls Crimson versions 3.0 and prior Red Lion Controls Crimson version 3.1 prior to release 3112.00 Description: The issue allows an attacker to access configuration files due to the use of a hard-coded password for encrypting...

Red Lion Crimson Hard-coded Cryptographic Key Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Red Lion Crimson. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CTextStreamMemory class. The class contains hard-coded secrets in clear tex...

WordPress slick-popup plugin trust management issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. slick-popup is a window popup plugin used in it. A trust management issue vulnerability exists in WordPress slick-popup plugin version...

CVE-2019-14943

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials...

CVE-2019-14943

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials...

Hardcoded credentials

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials...

CVE-2019-14943

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials...

CVE-2019-14943

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses Hard-coded Credentials...

CVE-2019-14943

Removed by vendor...

CVE-2019-14943

Summary: CVE-2019-14943 affects GitLab Community and Enterprise Edition 12.0–12.1.4 and is due to hard-coded credentials. The CVSS vectors (2.0/3.0) indicate high/critical impact with network access and no authentication. Affected components: GitLab GitLab Community/Enterprise Edition 12.0–12.1.4...

AndroVideo Advan VD-1 Trust Management Issues Vulnerability

The AndroVideo Advan VD-1 is a security camera from AndroVideo Taiwan, China. The AndroVideo Advan VD-1 is vulnerable to a trust management issue. The vulnerability can be exploited by an attacker to attack affected components using default passwords or hard-coded passwords, hard-coded...

WordPress onelogin-saml-sso plugin trust management issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. onelogin-saml-sso is an authentication plugin used in it. The WordPress onelogin-saml-sso plugin is vulnerable to a trust management...

CVE-2019-6698

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device...

CVE-2019-6698

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device...