CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

OSV•added 2026/03/13 10:50 a.m.•2 views

MAL-2026-1409 Malicious code in darkig (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7589c67c4429eabd010f891cb17f893ee11ec3cb873d4a31095cc3592134f762 Instagram hacking tool that also forces the user to follow hardcoded accounts. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/03/13 10:47 a.m.•3 views

Malicious code in ighack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 889207a729f6b97c385d6c0afe217776d10331cdf7e5dd511f80e0d01e899842 Instagram hacking tool that besides abusing the Instagram API, also automatically uses user's credentials to follow hardcoded accounts. --- Category: MALICIOUS...

5.8AI score

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2016-7456

Malware in sbrugna...

10CVSS9.4AI score0.00734EPSS

Exploits2References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-6187

Malware in sbrugna...

9.8CVSS9.2AI score0.00451EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-4622

Malware in sbrugna...

10CVSS6.4AI score0.00634EPSS

Exploits0References2

Tenable Nessus•added 2025/08/08 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-34034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default...

9.3CVSS5.8AI score0.00374EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 5:38 a.m.•2 views

CVE-2012-4697

TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session...

10CVSS7.1AI score0.00634EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:16 a.m.•5 views

CVE-2012-6428

The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access...

10CVSS6.3AI score0.00242EPSS

Exploits0References1

Cvelist•added 2020/02/13 10:54 p.m.•8 views

CVE-2013-6362

Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts...

9.6AI score0.00451EPSS

Exploits1References2

CNVD•added 2019/11/04 12:0 a.m.•1 views

Milesight IP security cameras trust management issue vulnerability (CNVD-2019-40064)

Milesight IP security cameras are IP camera products from China Pulse Digital Technology Milesight. A security vulnerability exists in Milesight IP security cameras version 2016-11-14 and earlier, which stems from the program comes with 10 privileged accounts with hardcoded credentials in the...

9.8CVSS6.9AI score0.00836EPSS

Exploits1References1

OSV•added 2019/05/02 5:29 p.m.•1 views

CVE-2017-18371

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username supervisor and password zyad1234. These accounts can b...

9.8CVSS5.8AI score0.72742EPSS

Exploits2References5

Prion•added 2019/05/02 5:29 p.m.•22 views

Command injection

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a...

9CVSS8.8AI score0.09064EPSS

Exploits1References3Affected Software1

Cvelist•added 2019/05/02 4:15 p.m.•20 views

CVE-2017-18373

8.8AI score0.09064EPSS

Exploits1References3

Securelist•added 2018/05/23 10:0 a.m.•34 views

Backdoors in D-Link’s backyard

"If you want to change the world, start with yourself." In the case of security research this can be rephrased to: "If you want to make the world safer, start with the smart things in your home." Or, to be more specific, start with your router – the core of any home network as well as an...

0.9AI score0.12376EPSS

Exploits3

Positive Technologies•added 2017/04/28 12:0 a.m.•5 views

PT-2018-16: Hardcoded Accounts in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200

The specialists of the Positive Research center have detected a Hardcoded accounts vulnerability in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200. Hardcoded accounts allow attackers to gain access to the FTP server. How to fix Use the vendor's advisory:...

10CVSS9.7AI score0.00552EPSS

Exploits0References5

NVD•added 2016/09/19 1:59 a.m.•12 views

CVE-2016-6535

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote attackers to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session...

10CVSS9.4AI score0.00734EPSS

Exploits2References2

Prion•added 2016/09/19 1:59 a.m.•15 views

Hardcoded credentials

10CVSS7.4AI score0.00734EPSS

Exploits2References2Affected Software1

Cvelist•added 2016/09/19 1:0 a.m.•14 views

CVE-2016-6535

9.5AI score0.00734EPSS

Exploits2References2

CVE•added 2016/09/19 1:0 a.m.•58 views

CVE-2016-6535

CVE-2016-6535 affects AVer Information EH6108H+ hybrid DVR (firmware X9.03.24.00.07l). The vulnerability arises from hard-coded accounts with root privileges, enabling remote attackers to obtain root access via a default TELNET service. CERT/CC notes multiple issues in the device, including authe...

10CVSS9.3AI score0.00734EPSS

Exploits2References2Affected Software1