43 matches found
EUVD-2025-6463
Malicious code in bioql PyPI...
EUVD-2025-13277
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-46507
Yeti is vulnerable to an authentication bypass using a hardcoded JWT secret with a known username that exploits a server side template injection vulnerability...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
CVE-2025-32889
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
CVE-2025-32889
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
CVE-2025-32889
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
CVE-2025-32889
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
CVE-2025-32889
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
PT-2025-18688 · Gotenna · Gotenna Mesh
Name of the Vulnerable Software and Affected Versions: goTenna Mesh versions 5.5.3 with firmware 1.1.12 Description: A problem was discovered in goTenna Mesh devices where the verification token used for sending SMS through a goTenna server is hardcoded in the application. This issue affects...
CVE-2025-32888
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
CVE-2025-32888
GoTenna Mesh CVE-2025-32888 affects devices running app 5.5.3 with firmware 1.1.12, where the verification token used for sending SMS through a goTenna server is hardcoded in the app. Reported impact indicators show high severity (CVSS v3.1: base score 8.8) with confidentiality, integrity, and av...
CVE-2025-32888
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app...
PT-2025-18689 · Gotenna · Gotenna
Name of the Vulnerable Software and Affected Versions: goTenna v1 devices with app version 5.5.3 and firmware version 0.25.5 Description: An issue was discovered where the verification token used for sending SMS through a goTenna server is hardcoded in the app. This affects the ability to securel...
CVE-2025-1724
Zohocorp's ManageEngine Analytics Plus and Zoho Analytics on-premise versions older than 6130 are vulnerable to an AD only account takeover because of a hardcoded sensitive token...
CVE-2025-1724 Account Takeover
Zohocorp's ManageEngine Analytics Plus and Zoho Analytics on-premise versions older than 6130 are vulnerable to an AD only account takeover because of a hardcoded sensitive token...
CVE-2025-1724
Affected products: Zohocorp’s ManageEngine Analytics Plus and Zoho Analytics on‑premise, versions older than 6130. Root cause: hardcoded sensitive token leading to an AD‑only account takeover. Impact: potential unauthorized AD account access; impact details are as described in the sources. Exploi...
CVE-2025-1724 Account Takeover
Zohocorp's ManageEngine Analytics Plus and Zoho Analytics on-premise versions older than 6130 are vulnerable to an AD only account takeover because of a hardcoded sensitive token...
CVE-2022-20868
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco Secure Email and Web Manager and Cisco Secure Web Appliance could allow an authenticated, remote attacker to elevate privileges on an affected system. The attacker needs valid credentials to exploit thi...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...