571 matches found
PT-2023-6990 · Siemens · Scalance Xb205-3
Name of the Vulnerable Software and Affected Versions: SCALANCE XB205-3 SC, PN versions prior to V4.5 SCALANCE XB205-3 ST, E/IP versions prior to V4.5 Description: The issue is related to the use of a hardcoded cryptographic key in the software of industrial switches. This could allow a remote...
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a JSON Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token...
PT-2023-23394 · Dromara · Dromara Lamp-Cloud
Name of the Vulnerable Software and Affected Versions: Dromara Lamp-Cloud versions prior to 3.8.1 Description: The issue is related to the use of a hardcoded cryptographic key when creating and verifying a JSON Web Token. This allows attackers to authenticate to the application via a crafted JWT...
GHSA-3J2F-58RQ-G6P7 Sureness uses hardcoded key
Dromara Sureness before v1.0.8 was discovered to use a hardcoded key...
Sureness uses hardcoded key
Dromara Sureness before v1.0.8 was discovered to use a hardcoded key...
CVE-2023-31581
Dromara Sureness before v1.0.8 was discovered to use a hardcoded key...
Hardcoded credentials
Dromara Sureness before v1.0.8 was discovered to use a hardcoded key...
PT-2023-27933 · Google · Android Client
Name of the Vulnerable Software and Affected Versions: Android Client application affected versions not specified Description: The issue allows an unprivileged third-party application to arbitrarily modify the server settings of the Android Client application, causing it to connect to a malicious...
PT-2023-23397 · Dromara · Dromara Sureness
Name of the Vulnerable Software and Affected Versions: Dromara Sureness versions prior to 1.0.8 Description: The issue is related to the use of a hardcoded key in Dromara Sureness. Recommendations: For versions prior to 1.0.8, update to version 1.0.8 or later to resolve the issue...
CVE-2023-31581
CVE-2023-31581 affects Dromara Sureness prior to v1.0.8, where a hardcoded key is used in JSON Web Token creation and validation. This issue is documented across multiple sources (Red Hat advisory, CVE listings, OSV, GHSA) and is described as a security vulnerability in Sureness before 1.0.8. The...
AudioCodes VoIP Phones Hardcoded Key
Advisory ID: SYSS-2022-054 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.8.M4 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Ris...
PT-2023-7583 · Aleos · Aleos
Name of the Vulnerable Software and Affected Versions: ALEOS versions 4.16.0 and earlier Description: The issue is related to the use of a hardcoded SSL certificate and private key in several versions of ALEOS. This could allow an attacker with access to these items to perform a man-in-the-middle...
CVE-2023-33371
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...
PT-2023-24320 · Control Id · Idsecure
Name of the Vulnerable Software and Affected Versions: Control ID IDSecure versions 4.7.26.0 and prior Description: The issue allows attackers to sign arbitrary session tokens and bypass authentication due to the use of a hardcoded cryptographic key for signing and verifying JWT session tokens...
PT-2023-26960 · WordPress · Video Conferencing With Zoom
Name of the Vulnerable Software and Affected Versions: Video Conferencing with Zoom plugin for WordPress versions up to, and including, 4.2.1 Description: The issue is related to Sensitive Information Exposure due to a hardcoded encryption key in the vczapi encrypt decrypt function. This allows...