Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7568 matches found

Positive Technologies
Positive Technologiesadded 2023/12/07 12:0 a.m.5 views

PT-2023-27368 · Netscout · Netscout Ngeniuspulse

Name of the Vulnerable Software and Affected Versions: NETSCOUT nGeniusPULSE version 3.8 Description: The issue is related to a hardcoded cryptographic key in the software. This could potentially allow unauthorized access or decryption of sensitive data. Recommendations: For NETSCOUT nGeniusPULSE...

9.8CVSS6.8AI score0.00706EPSS
Exploits0References4
CVE
CVEadded 2023/12/07 12:0 a.m.38 views

CVE-2023-40300

NETSCOUT nGeniusPULSE 3.8 is affected by a hardcoded cryptographic key. The available connected sources confirm the issue exists in version 3.8 and describe the risk as potentially enabling unauthorized access or decryption of sensitive data. No details on exploit vectors, affected configurations...

9.8CVSS9.3AI score0.00706EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2023/12/07 12:0 a.m.2 views

PT-2023-7601 · Sonicwall · Sonicwall Wan Acceleration (Wxa) 5000 Virtual Appliance

Name of the Vulnerable Software and Affected Versions: SonicWall WAN Acceleration WXA 5000 Virtual Appliance affected versions not specified Description: The issue is related to the use of hardcoded credentials in the virtual device management service. This could allow a remote attacker to bypass...

10CVSS7.8AI score
Exploits0References4
Positive Technologies
Positive Technologiesadded 2023/12/07 12:0 a.m.5 views

PT-2023-24338 · Supermicro · Supermicro X11

Name of the Vulnerable Software and Affected Versions: Supermicro X11 and M11 based devices versions through 3.17.02 Description: The configuration functionality in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation allows remote authenticated...

8.8CVSS8.9AI score0.01014EPSS
Exploits0References7
Cvelist
Cvelistadded 2023/12/07 12:0 a.m.16 views

CVE-2023-40300

NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key...

9.7AI score0.00706EPSS
Exploits0References1
OSV
OSVadded 2023/12/04 11:15 p.m.5 views

CVE-2023-40464

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...

6.8CVSS5.8AI score0.00296EPSS
Exploits0References1
Prion
Prionadded 2023/12/04 11:15 p.m.18 views

Hardcoded credentials

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...

3.6CVSS7AI score0.00296EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2023/12/04 10:59 p.m.33 views

CVE-2023-40464 Use of hardcoded certificate and private key

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...

8.1CVSS8.1AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/12/04 10:59 p.m.3 views

CVE-2023-40464 Use of hardcoded certificate and private key

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server...

8.1CVSS5.5AI score0.00296EPSS
Exploits0References1
Prion
Prionadded 2023/12/04 2:15 p.m.12 views

Hardcoded credentials

EzViz Studio v2.2.0 is vulnerable to DLL hijacking...

4.4CVSS7.1AI score0.00451EPSS
Exploits2References1Affected Software1
Prion
Prionadded 2023/12/01 2:15 p.m.15 views

Hardcoded credentials

The password for access to the debugging console of the PoWer Controller chip PWC of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III 3V3 - 2.0 TD...

4.6CVSS7.3AI score0.00313EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2023/12/01 1:41 p.m.59 views

CVE-2023-28895

The CVE-2023-28895 entry concerns Škoda MIB3 infotainment’s PoWer Controller (PWC) with a hard-coded password in the firmware. This allows an attacker with physical access to gain full control of the PWC chip on Škoda Superb III (3V3) 2.0 TDI (2022). Connected documents confirm the hardware/softw...

6.8CVSS4.9AI score0.00313EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2023/11/29 1:15 a.m.3 views

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

9.8CVSS5.8AI score0.00871EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2023/11/29 1:15 a.m.3 views

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

9.8CVSS7.2AI score0.00871EPSS
Exploits0References3
NVD
NVDadded 2023/11/29 1:15 a.m.14 views

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

9.8CVSS0.00871EPSS
Exploits0References2
Prion
Prionadded 2023/11/29 1:15 a.m.16 views

Hardcoded credentials

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

7.5CVSS7.7AI score0.00871EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2023/11/29 12:0 a.m.35 views

CVE-2023-23324

CVE-2023-23324 affects Zumtobel Netlink CCD Onboard: vulnerable in firmware 3.80 with prior 3.74—3.79 releases. The root cause is hardcoded administrator credentials embedded in the device, enabling unauthorized admin access if exploited. Documented impact is severe (admin-level access could lead...

9.8CVSS9.5AI score0.00871EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/11/29 12:0 a.m.3 views

PT-2023-18906 · Zumtobel · Zumtobel Netlink Ccd Onboard

Name of the Vulnerable Software and Affected Versions: Zumtobel Netlink CCD Onboard versions 3.74 through 3.79 Description: The issue concerns hardcoded credentials for the Administrator account. Recommendations: For Zumtobel Netlink CCD Onboard versions 3.74 through 3.79, update to Firmware 3.80...

9.8CVSS9.5AI score0.00871EPSS
Exploits0References6
Cvelist
Cvelistadded 2023/11/29 12:0 a.m.25 views

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

9.8AI score0.00871EPSS
Exploits0References2
OSV
OSVadded 2023/11/28 9:15 p.m.9 views

CVE-2023-29064

The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative accounts...

4.3CVSS5.8AI score0.00274EPSS
Exploits0References1
Rows per page
Query Builder