CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8064 matches found

Veracode•added 2017/12/18 3:43 a.m.•8 views

Weak Implementation Of Password Cipher

nexus-ldap-common contains a weak implementation of password cipher. It stores the LDAP bind password using the PBE Key Spec with only 23 iterations and a hard-coded password. This allows the cipher to be easily defeated...

6.8AI score

Exploits0

seebug.org•added 2017/12/14 12:0 a.m.•48 views

Zivif Web Cameras Multiple Vulnerabilities

Implementation of access controls is Zivif cameras is severely lacking.As a result, CGI functions can be called directly, bypassing authentication checks. This was first identified with the following request CVE-2017-17106 http:///web/cgi-bin/hi3510/param.cgi?cmd=getuser Cameras respond to this...

0.5AI score0.84558EPSS

Exploits10

CNVD•added 2017/12/07 12:0 a.m.•1 views

Unspecified Vulnerability in Dell Storage Manager

Dell Storage Manager is an application for managing and monitoring multiple Storage Center, PS Series portfolio FluidFS from Dell USA. A security vulnerability exists in Dell Storage Manager versions prior to 16.3.20 aka 2016 R3.20 that stems from the program's use of a hard-coded password to...

9.8CVSS7AI score0.0132EPSS

Exploits0References1

OSV•added 2017/12/06 12:29 a.m.•1 views

CVE-2017-14374

The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 aka 2016 R3.20 is protected using a hard-coded password. A remote user with the knowledge of the password might potentially disable the SMI-S service via HTTP requests, affecting storage management and monitoring functionalit...

9.8CVSS5.8AI score

Exploits0References1

Prion•added 2017/12/06 12:29 a.m.•11 views

Hardcoded credentials

7.5CVSS9.3AI score0.0132EPSS

Exploits0References1Affected Software1

NVD•added 2017/12/06 12:29 a.m.•23 views

CVE-2017-14374

9.8CVSS9.4AI score0.0132EPSS

Exploits0References1

Cvelist•added 2017/12/06 12:0 a.m.•19 views

CVE-2017-14374

9.4AI score0.0132EPSS

Exploits0References1

CVE•added 2017/12/06 12:0 a.m.•45 views

CVE-2017-14374

Dell Storage Manager before 16.3.20 (2016 R3.20) stores a hard-coded password for the SMI-S service. A remote attacker who knows the credential could disable the SMI-S service via HTTP requests, impacting storage management and monitoring through the SMI-S interface. Affected platform is Windows ...

9.8CVSS9.2AI score0.0132EPSS

Exploits0References1Affected Software1

OSV•added 2017/11/22 7:29 p.m.•4 views

CVE-2017-2720

FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure...

5.3CVSS5.8AI score0.0071EPSS

Exploits0References1

Cvelist•added 2017/11/22 7:0 p.m.•21 views

CVE-2017-2720

5.1AI score0.0071EPSS

Exploits0References1

Hacker One•added 2017/11/17 2:33 p.m.•114 views

Kaspersky: Hard Coded username and password in registry

I was using a tool called RegShot to take a snap shot of the registry before and after installation in order to see what changes were being made in the registry and I discovered hard-coded credentials I have attached the full comparison details of the registry changes but these are the lines and...

1.2AI score

Exploits0

CNVD•added 2017/11/03 12:0 a.m.•3 views

D-Link DGS-1500 Ax Device Hardcoded Password Vulnerability

The D-Link DGS-1500 Ax devices is a switch device from AUO. The D-Link DGS-1500 Ax devices use hard-coded passwords that allow remote attackers to exploit vulnerabilities by submitting specially crafted requests for unauthorized access to the devices...

9.8CVSS7.1AI score0.01687EPSS

Exploits0References1

Prion•added 2017/11/01 2:29 a.m.•11 views

Hardcoded credentials

A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e,...

10CVSS9.4AI score0.01923EPSS

Exploits0References2Affected Software9

OSV•added 2017/11/01 2:29 a.m.•3 views

CVE-2017-14021

9.8CVSS5.8AI score0.01923EPSS

Exploits0References2

Prion•added 2017/11/01 2:29 a.m.•16 views

Hardcoded credentials

A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and...

10CVSS9.6AI score0.02848EPSS

Exploits0References2Affected Software9

OSV•added 2017/11/01 2:29 a.m.•7 views

CVE-2017-14027

9.8CVSS5.8AI score0.02848EPSS

Exploits0References2

NVD•added 2017/11/01 2:29 a.m.•19 views

CVE-2017-14021

10CVSS9.6AI score0.01923EPSS

Exploits0References2

Cvelist•added 2017/11/01 2:0 a.m.•17 views

CVE-2017-14027

9.7AI score0.02848EPSS

Exploits0References2

CVE•added 2017/11/01 2:0 a.m.•59 views

CVE-2017-14027

CVE-2017-14027 concerns Korenix JetNet industrial Ethernet switches with hard-coded credentials. Affected versions include JetNet5018G v1.4, JetNet5310G v1.4a, JetNet5428G-2G-2FX v1.4, JetNet5628G-R v1.4, JetNet5628G v1.4, JetNet5728G-24P v1.4, JetNet5828G v1.1d, JetNet6710G-HVDC v1.1e, and JetNe...

10CVSS9.5AI score0.02848EPSS

Exploits0References2Affected Software1

CVE•added 2017/11/01 2:0 a.m.•65 views

CVE-2017-14021

CVE-2017-14021 applies to Korenix JetNet devices (JetNet5018G 1.4, JetNet5310G 1.4a, JetNet5428G-2G-2FX 1.4, JetNet5628G-R 1.4, JetNet5628G 1.4, JetNet5728G-24P 1.4, JetNet5828G 1.1d, JetNet6710G-HVDC 1.1e, JetNet6710G 1.1). It involves a Use of Hard-coded Cryptographic Key CWE-321, enabling acce...

10CVSS9.3AI score0.01923EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by