SAP SQL Anywhere 信任管理问题漏洞

SAP SQL Anywhere is a SAP-specific relational database management system from SAP, Germany. A trust management issue vulnerability exists in SAP SQL Anywhere, which arises from hard-coded credentials in the code, and could lead to arbitrary code execution, impacting the confidentiality integrity...

CVE-2025-34501 Shuffle Master Deck Mate 2 Hard-coded Credentials & Exposed Services

Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user interface, while multiple management services SSH, HTTP, Telnet, SMB, X11 are enabled by default. If an attacker can reach these interfaces - most often through local or near-local access such as...

CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

EUVD-2025-35161

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...

CVE-2025-10639 Usage of Hardcoded FTP Credentials EfficientLab WorkExaminer Professional

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...

CVE-2025-10639 Usage of Hardcoded FTP Credentials EfficientLab WorkExaminer Professional

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...

CVE-2025-56801

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization Vector IV in its AES-CFB encryption implementation allowing attackers with access to the application environment to reliably decrypt encrypted configuration data. NOTE: the Supplier's position is that...

CVE-2025-56801

The Red Hat advisories describe CVE-2025-56801 as a vulnerability in the Reolink Desktop Application 8.18.12 where hardcoded hard-coded credentials function as the Initialization Vector (IV) in AES-CFB encryption, enabling local attackers to decrypt sensitive configuration data stored under %APPD...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

EUVD-2025-34808

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-10850

CVE-2025-10850 pertains to the Felan Framework WordPress plugin. The vulnerability arises from hardcoded credentials in the functions fb_ajax_login_or_register and google_ajax_login_or_register, enabling unauthenticated attackers to log in as existing users who registered via Facebook or Google i...

CVE-2025-10850 Felan Framework <= 1.1.4 - Hardcoded Credentials

The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fbajaxloginorregister' function and in the 'googleajaxloginorregister' function. This makes it possible for unauthenticated...

CVE-2025-10850 Felan Framework <= 1.1.4 - Hardcoded Credentials

The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fbajaxloginorregister' function and in the 'googleajaxloginorregister' function. This makes it possible for unauthenticated...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

CVE-2025-60639

CVE-2025-60639 affects the ATLAS-EPIC project by gsiegel14, based on the consolidated records: hardcoded credentials in commit f29312c (2025-05-26). The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) yields a base score of 6.5 (Medium). There is no publicly documented exploitation status ...

CVE-2025-60639

Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c 2025-05-26...

EUVD-2018-5289

Malware in sbrugna...

EUVD-2020-23645

Malware in sbrugna...