7576 matches found

Prion
added 2022/10/14 8:15 p.m. · 23 views

Hardcoded credentials

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

CVSS 5 · AI score 7.4 · EPSS 0.44021
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2022/10/11 12:0 a.m. · 5 views

PT-2022-5444 · Microsoft · Windows Portable Device Enumerator Service +1

Name of the Vulnerable Software and Affected Versions: Windows Portable Device Enumerator Service affected versions not specified
Description: The issue is related to the use of a hardcoded cryptographic key in the Windows Portable Device Enumerator Service. This could allow an attacker to bypass...

CVSS 6.6 · AI score 9.4 · EPSS 0.00597
Exploits 0 · References 9

Positive Technologies
added 2022/10/10 12:0 a.m. · 6 views

PT-2022-5021 · Dell · Dell Enterprise Sonic Os

Name of the Vulnerable Software and Affected Versions: Dell Enterprise SONiC OS versions 4.0.0 through 4.0.1
Description: The issue is related to a cryptographic key vulnerability in SSH, where an unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorize...

CVSS 7.8 · AI score 7.4 · EPSS 0.0074
Exploits 0 · References 3

Code423n4
added 2022/10/10 12:0 a.m. · 7 views

Amount of ERC1155 tokens transferred is always 1.

Lines of code Vulnerability details Impact When a user signs an order to buy multiple ERC1155 tokens the amount of tokens transferred is hardcoded to be 1. This means although they expected to get n number of tokens for the total price of X they only get 1 and pay the total amount of X ETH. Proof...

AI score 6.8
Exploits 0

Prion
added 2022/10/06 6:16 p.m. · 15 views

Hardcoded credentials

FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes will be exposed to the public internet. In an effort to make enabling authentication easier for Flyte administrators, the...

CVSS 5 · AI score 7.6 · EPSS 0.0067
Exploits 0 · References 3 · Affected Software 1

OSV
added 2022/10/06 12:0 a.m. · 39 views

CVE-2022-39273 Default OAuth Authorization Server secret in FlyteAdmin

FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes will be exposed to the public internet. In an effort to make enabling authentication easier for Flyte administrators, the...

CVSS 4.8 · AI score 7.7 · EPSS 0.0067
Exploits 0 · References 5

Positive Technologies
added 2022/10/05 12:0 a.m. · 5 views

PT-2022-24861 · Unknown · Flyteadmin

Name of the Vulnerable Software and Affected Versions: FlyteAdmin versions prior to 1.1.44
Description: The default authorization server's configuration settings contain a known hardcoded hashed password. Users who enable authentication without changing the default clientid hashes will be exposed...

CVSS 7.5 · AI score 7.3 · EPSS 0.0067
Exploits 0 · References 12

Packet Storm
added 2022/10/03 12:0 a.m. · 195 views

Backdoor.Win32.NTRC MVID-2022-0646 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/273fd3f33279cc9c0378a49cf63d7a06.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NTRC Vulnerability: Weak Hardcoded Credentials Family: NTRC Type: PE32 MD5:...

AI score 7.4
Exploits 0

OSV
added 2022/09/29 3:15 a.m. · 4 views

CVE-2020-15331

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTHSECRETKEY in /opt/axess/etc/default/axess...

CVSS 9.8 · AI score 5.8 · EPSS 0.00884
Exploits 1 · References 2

NVD
added 2022/09/29 3:15 a.m. · 24 views

CVE-2020-15340

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/defaultaxess/axess/TR69/Handlers/turbolink/sshkeys/idrsa SSH key...

CVSS 7.5 · EPSS 0.00738
Exploits 1 · References 2

OSV
added 2022/09/29 3:15 a.m. · 3 views

CVE-2020-15330

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APPKEY in /opt/axess/etc/default/axess...

CVSS 5.3 · AI score 5.8 · EPSS 0.00572
Exploits 1 · References 2

OSV
added 2022/09/29 3:15 a.m. · 4 views

CVE-2020-15340

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/defaultaxess/axess/TR69/Handlers/turbolink/sshkeys/idrsa SSH key...

CVSS 7.5 · AI score 5.8 · EPSS 0.00738
Exploits 1 · References 2

NVD
added 2022/09/29 3:15 a.m. · 18 views

CVE-2020-15330

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APPKEY in /opt/axess/etc/default/axess...

CVSS 5.3 · EPSS 0.00572
Exploits 1 · References 2

OSV
added 2022/09/29 3:15 a.m. · 4 views

CVE-2020-15325

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

CVSS 5.3 · AI score 5.8 · EPSS 0.00572
Exploits 1 · References 2

OSV
added 2022/09/29 3:15 a.m. · 4 views

CVE-2020-15326

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem...

CVSS 5.3 · AI score 5.8 · EPSS 0.0053
Exploits 1 · References 2

NVD
added 2022/09/29 3:15 a.m. · 20 views

CVE-2020-15326

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem...

CVSS 5.3 · EPSS 0.0053
Exploits 1 · References 2

Prion
added 2022/09/29 3:15 a.m. · 17 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTHSECRETKEY in /opt/axess/etc/default/axess...

CVSS 7.5 · AI score 9.3 · EPSS 0.00884
Exploits 1 · References 2 · Affected Software 1

Prion
added 2022/09/29 3:15 a.m. · 17 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication...

CVSS 5 · AI score 5.4 · EPSS 0.00572
Exploits 1 · References 2 · Affected Software 1

Prion
added 2022/09/29 3:15 a.m. · 16 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APPKEY in /opt/axess/etc/default/axess...

CVSS 5 · AI score 5.3 · EPSS 0.00572
Exploits 1 · References 2 · Affected Software 1

Prion
added 2022/09/29 3:15 a.m. · 21 views

Hardcoded credentials

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/defaultaxess/axess/TR69/Handlers/turbolink/sshkeys/idrsa SSH key...

CVSS 5 · AI score 7.6 · EPSS 0.00738
Exploits 1 · References 2 · Affected Software 1