573 matches found
CVE-2025-63433
Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored as a static value within the application's code. An attacker with the ability to intercept network traffic can use this hardcoded key to decrypt,...
CVE-2025-63433
Summary of CVE-2025-63433 : Xtooltech Xtool AnyScan Android Application 4.40.40 and earlier uses a hardcoded cryptographic key and IV stored statically in code to decrypt update metadata. This enables an attacker who can intercept network traffic to use the hardcoded key to decrypt, modify, and r...
CVE-2025-12177
The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...
CVE-2025-12177
CVE-2025-12177 affects the WordPress Download Manager plugin (versions ≤ 3.3.30). The root cause is a hardcoded Cron key that enables unauthenticated triggering of deleteExpired() and clearTempDataCPCron(). This can lead to deletion of expired posts and clearing of cache. The vulnerability is con...
CVE-2025-12177 Download Manager <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key
The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...
CVE-2025-52268
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
EUVD-2025-36186
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
CVE-2025-52268
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
CVE-2025-52268
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
CVE-2025-52268
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
PT-2025-43959
Name of the Vulnerable Software and Affected Versions StarCharge Artemis AC Charger version 1.0.4 Description The StarCharge Artemis AC Charger version 1.0.4 contains a hardcoded AES key. This allows attackers to forge or decrypt valid login tokens. Recommendations At the moment, there is no...
CVE-2025-52268
CVE-2025-52268 affects StarCharge Artemis AC Charger 7-22 kW v1.0.4. The issue is a hardcoded AES key that enables attackers to forge or decrypt valid login tokens. Documented across multiple sources (NVD, Red Hat, ENISA/EUVD, CVE list, CNNVD) with the same vulnerability description. Exploitation...
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon , which is also tracked as...
CVE-2025-8915
Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious adversary to do a Mann-in-the-middle attack via the network...
CVE-2025-35056
Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' 'StreamStampImage' accepts an encrypted file path and returns an image of the specified file. An authenticated attacker can read arbitrary files subject to the privileges of NIX, typically 'NT AUTHORITY\NetworkService', and the...
EUVD-2021-13908
Malware in sbrugna...
EUVD-2020-4928
Malware in sbrugna...
EUVD-2018-20792
Malware in sbrugna...
EUVD-2015-8140
Malware in sbrugna...
EUVD-2014-4794
Malware in sbrugna...