CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1187 matches found

CNNVD•added 2024/11/08 12:0 a.m.•3 views

HASOMED Elefant 安全漏洞

HASOMED Elefant is an exercise software from the German company HASOMED. It specializes in meeting the needs of psychotherapists, child and adolescent psychotherapists, and medical psychotherapists. HASOMED Elefant has a security vulnerability. An attacker with local access to a medical office...

7.8CVSS6.5AI score0.00189EPSS

Exploits0References2

OSV•added 2024/10/17 5:15 p.m.•1 views

CVE-2024-48192

Tenda G3 v15.01.0.52848755EN was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

8CVSS5.8AI score

Exploits0References1

NVD•added 2024/10/17 5:15 p.m.•21 views

CVE-2024-48192

Tenda G3 v15.01.0.52848755EN was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

8CVSS0.00361EPSS

Exploits1References1

Vulnrichment•added 2024/10/17 12:0 a.m.•22 views

CVE-2024-48192

Tenda G3 v15.01.0.52848755EN was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

7.5AI score0.00361EPSS

Exploits1References1

Cvelist•added 2024/10/17 12:0 a.m.•20 views

CVE-2024-48192

Tenda G3 v15.01.0.52848755EN was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

0.00361EPSS

Exploits1References1

Positive Technologies•added 2024/10/17 12:0 a.m.•4 views

PT-2024-33017 · Tenda · Tenda G3

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 15.01.0.52848 755 EN Description: A hardcoded password vulnerability was discovered in the /etc ro/shadow file, which allows attackers to log in as root. This issue exists in the Tenda G3 firmware, specifically affecting the...

8CVSS7.7AI score0.00361EPSS

Exploits1References7

CVE•added 2024/10/17 12:0 a.m.•46 views

CVE-2024-48192

CVE-2024-48192 affects Tenda G3 firmware v15.01.0.5(2848_755)_EN. A hardcoded password in the /etc_ro/shadow file allows an attacker to log in as root. The entry lists a high severity (CVSSv3.1: AV Adjacent, AC Low, PR Low, UI None, S Unchanged, C/H/I/A High) with a potential total impact. No rem...

8CVSS7.5AI score0.00361EPSS

Exploits1References1Affected Software1

Tenable Nessus•added 2024/10/01 12:0 a.m.•15 views

Synology DiskStation Manager Exposure of Sensitive Information to an Unauthorized Actor (CVE-2014-2264)

The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

7.8CVSS5.8AI score0.01654EPSS

Exploits0References3

OSV•added 2024/09/18 6:15 p.m.•3 views

CVE-2023-41610

Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext...

8.8CVSS5.8AI score0.00386EPSS

Exploits1References1

Positive Technologies•added 2024/09/18 12:0 a.m.•4 views

PT-2024-12944 · Victure · Victure Pc420

Name of the Vulnerable Software and Affected Versions: Victure PC420 version 1.1.39 Description: The issue concerns a hardcoded root password stored in plaintext. Recommendations: For Victure PC420 version 1.1.39, consider changing the hardcoded root password to a unique and secure password as a...

8.8CVSS7AI score0.00386EPSS

Exploits1References5

Vulnrichment•added 2024/09/18 12:0 a.m.•11 views

CVE-2023-41610

Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext...

7.5AI score0.00386EPSS

Exploits1References1

CVE•added 2024/09/18 12:0 a.m.•53 views

CVE-2023-41610

CVE-2023-41610 affects Victure PC420 firmware 1.1.39, where a hardcoded root password is stored in plaintext. The vulnerability is evidenced in multiple sources (NVD/Red Hat/CNNVD/CVE records) describing the presence of a hardcoded administrator credential. There is no documented fix version with...

8.8CVSS7.4AI score0.00386EPSS

Exploits1References1Affected Software1

ATTACKERKB•added 2024/09/06 12:0 a.m.•20 views

CVE-2021-26138

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

7.8AI score

In wildExploits0References2

OSV•added 2024/08/16 6:15 p.m.•2 views

CVE-2024-42639

H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...

9.8CVSS5.8AI score0.00559EPSS

Exploits1References2

NVD•added 2024/08/16 6:15 p.m.•12 views

CVE-2024-42639

H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root...

9.8CVSS0.00559EPSS

Exploits1References2