Lucene search

7581 matches found

Positive Technologies
added 2022/12/12 12:0 a.m. · 2 views

PT-2022-6297 · Апекс-Вуз · Апекс-Вуз

Name of the Vulnerable Software and Affected Versions: Апекс-ВУЗ (affected versions not specified) Description: The issue is related to the use of hardcoded credentials in the Апекс-ВУЗ education automation system. Exploitation of this issue may allow a remote attacker to gain full access to the...

CVSS 10 · AI score 7.3
Exploits 0 · References 1
Positive Technologies
added 2022/12/12 12:0 a.m. · 5 views

PT-2022-6464 · Mgt Commerce · Mgt-Commerce Cloudpanel

Name of the Vulnerable Software and Affected Versions: MGT-COMMERCE CloudPanel version 2.2.0 Description: The issue is related to the use of a static SSL certificate with a hardcoded cryptographic key in MGT-COMMERCE CloudPanel, which is shared across every installation. This could allow a remote...

CVSS 8.1 · AI score 8 · EPSS 0.00599
Exploits 1 · References 11
Prion
added 2022/12/08 4:15 p.m. · 32 views

Hardcoded credentials

The response header has not enabled X-FRAME-OPTIONS, which helps prevent clickjacking attacks. Some browsers would interpret these results incorrectly, allowing clickjacking attacks...

CVSS 4.3 · AI score 5.1 · EPSS 0.00432
Exploits 1 · References 1 · Affected Software 1
OSV
added 2022/12/06 12:15 a.m. · 4 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used...

CVSS 9.1 · AI score 5.8 · EPSS 0.00729
Exploits 0 · References 2
Prion
added 2022/12/06 12:15 a.m. · 20 views

Hardcoded credentials

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used...

CVSS 6.4 · AI score 9.1 · EPSS 0.00729
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2022/12/05 12:0 a.m. · 6 views

Mobatek MobaXterm Trust Management Issue Vulnerability

Mobatek MobaXterm is a suite of terminal software from the French company Mobatek that integrates an enhanced terminal, an X server and a Unix command set (GNU/Cygwin). A security vulnerability exists in Mobatek MobaXterm versions prior to v22.1, which originates when aborting an SFTP connection,...

CVSS 9.1 · AI score 8.2 · EPSS 0.00729
Exploits 0 · References 4
Positive Technologies
added 2022/12/05 12:0 a.m. · 7 views

PT-2022-24375 · Mobaxterm · Mobaxterm

Name of the Vulnerable Software and Affected Versions: MobaXterm versions prior to 22.1 Description: The issue occurs when aborting a SFTP connection, where a hardcoded password is sent to the server. This can be treated as an invalid login attempt by the server, potentially leading to a Denial o...

CVSS 9.1 · AI score 9.2 · EPSS 0.00729
Exploits 0 · References 3
Cvelist
added 2022/12/05 12:0 a.m. · 22 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used...

AI score 9.4 · EPSS 0.00729
Exploits 0 · References 2
Vulnrichment
added 2022/12/05 12:0 a.m. · 5 views

CVE-2022-38337

When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used...

AI score 7 · EPSS 0.00729
Exploits 0 · References 2
CVE
added 2022/12/05 12:0 a.m. · 98 views

CVE-2022-38337

CVE-2022-38337 affects Mobatek MobaXterm prior to v22.1, where aborting a SFTP connection sends a hardcoded password to the server, which the server may treat as an invalid login and trigger a user DoS (e.g., via fail2ban). Root cause is hardcoded credentials during SFTP abort. Impact is Denial o...

CVSS 9.1 · AI score 9.1 · EPSS 0.00729
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2022/12/05 12:0 a.m. · 3 views

PT-2022-5909 · Ami · Ami Megarac Baseboard Management Controller

Name of the Vulnerable Software and Affected Versions: AMI MegaRAC Baseboard Management Controller (BMC) (affected versions not specified) Description: The issue is related to the use of hardcoded credentials in the AMI MegaRAC Baseboard Management Controller (BMC) firmware. An attacker can exploit thi...

CVSS 9.8 · AI score 9.5 · EPSS 0.00655
Exploits 0 · References 10
Wiz blog
added 2022/12/01 3:0 p.m. · 18 views

Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential unauthorized database access

How IBM Cloud caught us exploring its infrastructure and how a hardcoded secret eventually led to build artifact access and manipulation...

AI score 6.8
Exploits 0
OSV
added 2022/11/30 5:15 a.m. · 2 views

CVE-2022-44097

Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

CVSS 9.8 · AI score 5.8
Exploits 0 · References 1
NVD
added 2022/11/30 5:15 a.m. · 13 views

CVE-2022-44097

Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

CVSS 9.8 · EPSS 0.00764
Exploits 1 · References 1
NVD
added 2022/11/30 5:15 a.m. · 13 views

CVE-2022-44096

Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

CVSS 9.8 · EPSS 0.00764
Exploits 1 · References 1
OSV
added 2022/11/30 5:15 a.m. · 4 views

CVE-2022-44096

Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

CVSS 9.8 · AI score 5.8 · EPSS 0.00764
Exploits 1 · References 1
Prion
added 2022/11/30 5:15 a.m. · 16 views

Hardcoded credentials

Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

CVSS 7.5 · AI score 9.6 · EPSS 0.00764
Exploits 1 · References 1 · Affected Software 1
Prion
added 2022/11/30 5:15 a.m. · 20 views

Hardcoded credentials

Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

CVSS 7.5 · AI score 9.6 · EPSS 0.00764
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2022/11/30 12:0 a.m. · 19 views

CVE-2022-44097

Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

AI score 9.9 · EPSS 0.00764
Exploits 1 · References 1
Cvelist
added 2022/11/30 12:0 a.m. · 16 views

CVE-2022-44096

Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...

AI score 9.9 · EPSS 0.00764
Exploits 1 · References 1