CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 VA and SaaS deployments contain Docker images with the private GPG key and passphrase for the account no‑reply+virtual‑[email protected]. The key is stored in cleartext and the...

9.4CVSS6.8AI score0.00164EPSS

Exploits1References1

NVD•added 2025/09/29 9:15 p.m.•1 views

CVE-2025-34209

9.4CVSS0.00164EPSS

Exploits1References4

ATTACKERKB•added 2025/09/29 8:35 p.m.•0 views

CVE-2025-34209

9.4CVSS5.9AI score0.00164EPSS

Exploits1References5

CVE•added 2025/09/29 8:35 p.m.•11 views

CVE-2025-34209

Vusion Print (formerly PrinterLogic) VAs/VAaaS are affected: Docker images for Virtual Appliance Host <22.0.862 and Application

9.4CVSS6.5AI score0.00164EPSS

Exploits1References4Affected Software2

CVE•added 2025/02/06 7:10 p.m.•53 views

CVE-2024-47256

CVE-2024-47256 affects 2N Access Commander prior to version 3.3 (notably 1.14 and older). The issue allows an attacker with Admin privileges to read a hardcoded AES passphrase used to decrypt data in certain backup files, enabling potential exposure of backup contents. 2N released version 3.3 to ...

6CVSS6.2AI score0.00029EPSS

Exploits0References1

Cvelist•added 2025/02/06 7:10 p.m.•13 views

CVE-2024-47256

Successful exploitation of this vulnerability could allow an attacker who needs to have Admin access privileges to read hardcoded AES passphrase, which may be used for decryption of certain data within backup files of 2N Access Commander version 1.14 and older. 2N has released an updated version...

6CVSS0.00029EPSS

Exploits0References1

Positive Technologies•added 2025/02/06 12:0 a.m.•2 views

PT-2025-5859 · 2N · 2N Access Commander

Name of the Vulnerable Software and Affected Versions: 2N Access Commander versions 1.14 and older Description: The issue allows an attacker with Admin access privileges to read a hardcoded AES passphrase, which can be used to decrypt certain data within backup files. Recommendations: For 2N Acce...

6CVSS7.1AI score0.00029EPSS

Exploits0References6

NVD•added 2023/08/31 6:15 a.m.•13 views

CVE-2023-3404

The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. This is due to the passphrase and iv being hardcoded in the 'pmencryptdecryptpass' function and used across all sites running the plugin. This makes it...

4.9CVSS4.8AI score0.00288EPSS

Exploits0References3

CVE•added 2023/08/31 5:33 a.m.•53 views

CVE-2023-3404

The CVE affects the ProfileGrid WordPress plugin up to version 5.5.0. The root cause is a hardcoded passphrase and IV in the pm_encrypt_decrypt_pass function, shared across sites. This allows an authenticated attacker with administrator-level permissions to decrypt and view users’ passwords. Impa...

4.9CVSS4.8AI score0.00288EPSS

Exploits0References3Affected Software1

CNNVD•added 2023/08/31 12:0 a.m.•1 views

WordPress plugin ProfileGrid 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.9CVSS6.5AI score0.00288EPSS

Exploits0References4

Tenable Nessus•added 2018/09/07 12:0 a.m.•26 views

CA Unified Infrastructure Management < 8.48 / 8.53 Multiple Vulnerabilities (CA20180829-02)

According to its self-reported version number from the CA Unified Infrastructure Management UIM application running on the remote host is prior to 8.48 or 8.53. It is, therefore, affected by multiple vulnerabilities : - A hardcoded secret key exists that could allow information disclosure...

9.8CVSS7.6AI score0.04779EPSS

Exploits0References4

NVD•added 2018/08/30 2:29 p.m.•7 views

CVE-2018-13820

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

7.5CVSS8AI score0.00249EPSS

Exploits0References2

OSV•added 2018/08/30 2:29 p.m.•1 views

CVE-2018-13820

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

7.5CVSS5.8AI score0.00249EPSS

Exploits0References2

CVE•added 2018/08/30 2:0 p.m.•33 views

CVE-2018-13820

CVE-2018-13820 affects CA Unified Infrastructure Management (UIM) versions 8.5.1, 8.5, and 8.4.7 due to a hardcoded passphrase, which could allow an attacker to access sensitive information. The vulnerability is described across multiple sources (NVD/NVD-derived, CNVD, CNVD-related listings), wit...

7.5CVSS7.4AI score0.00249EPSS

Exploits0References2Affected Software1

NVD•added 2016/01/15 8:59 p.m.•15 views

CVE-2016-1909

Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the FortimanagerAccess account, which allows...

10CVSS9.4AI score0.79613EPSS

Exploits8References7