CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

561 matches found

Cvelist•added 2021/02/11 4:33 p.m.•13 views

CVE-2020-25493

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

7.5AI score0.00158EPSS

Exploits1References3

OSV•added 2021/02/10 7:15 p.m.•3 views

CVE-2021-27141

An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded j7aLyZ98sSd5HfSgGjMj8;Ss;d&^@$a2s0i3g key. The webs binary has details on how XOR is used...

9.8CVSS5.8AI score0.00681EPSS

Exploits1References1

CNNVD•added 2021/01/31 12:0 a.m.•2 views

Mofi Network MOFI4500-4GXeLTE 信任管理问题漏洞

The Mofi Network MOFI4500-4GXeLTE is a wireless router from Mofi Network. A security vulnerability exists in the Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The vulnerability stems from the fact that the Dropbear SSH daemon has been modified to accept an alternate hardcoded path to a public...

10CVSS7.1AI score0.00358EPSS

Exploits0References3

0day.today•added 2021/01/18 12:0 a.m.•175 views

IBM Spectrum LSF 10.1 / 10.2 Hardcoded Eauth Key / Eauth Key Exposure Vulnerability

================================================================================ Multiple IBM Spectrum LSF Authentication Vulnerabilities Eauth - CVE-2020-4983 ================================================================================ Software: Spectrum LSF Vendor: IBM Affected Versions:...

7.8CVSS7.8AI score0.00056EPSS

Exploits1

Positive Technologies•added 2021/01/12 12:0 a.m.•2 views

PT-2021-2204 · Siemens · C-Plug +2

Name of the Vulnerable Software and Affected Versions: SCALANCE X-200 switch family incl. SIPLUS NET variants versions prior to V5.2.5 SCALANCE X-200IRT switch family incl. SIPLUS NET variants versions prior to V5.5.0 SCALANCE X-200RNA switch family versions prior to V3.2.7 Description: A...

9.4CVSS5.6AI score0.0016EPSS

Exploits0References5

CNNVD•added 2020/12/29 12:0 a.m.•2 views

Multiple Amino Product Trust Management Issue Vulnerabilities

Amino Communications AK45x series, among others, is a line of TV set-top box devices from Amino UK. A security vulnerability exists in a number of Amino Communications products that originates from a root user hard-coded SSH key, which can be exploited by an attacker to remotely login via SSH. Th...

10CVSS5.8AI score0.03958EPSS

Exploits1References1

CNVD•added 2020/12/09 12:0 a.m.•3 views

Siemens LOGO! 8 BM Hardcoded Encryption Key Vulnerability

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM, which can be exploited by an attacker to obtain a private RSA key used to encrypt communications with a device, resulting ...

5.5CVSS8.4AI score0.00063EPSS

Exploits0References1

OSV•added 2020/11/24 9:15 p.m.•1 views

CVE-2020-29063

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. ...

7.5CVSS5.8AI score

Exploits0References1

OSV•added 2020/10/27 5:15 a.m.•2 views

CVE-2020-27181

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files...

6.5CVSS5.8AI score0.0017EPSS

Exploits0References2

ATTACKERKB•added 2020/10/27 5:15 a.m.•3 views

CVE-2020-27181

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files...

6.5CVSS5.3AI score0.0017EPSS

Exploits0References3

NVD•added 2020/09/14 2:15 p.m.•11 views

CVE-2020-12789

The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...

7.5CVSS0.0028EPSS

Exploits0References1

Cvelist•added 2020/09/14 1:24 p.m.•13 views

CVE-2020-12789

The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...

7.5AI score0.0028EPSS

Exploits0References1

OSV•added 2020/06/30 7:15 p.m.•1 views

CVE-2020-14474

The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for every device...

7.5CVSS7.1AI score0.01452EPSS

Exploits3References3

NVD•added 2020/06/30 7:15 p.m.•9 views

CVE-2020-14474

7.5CVSS0.01452EPSS

Exploits3References3