CVE-2018-0663

CVE-2018-0663 affects several I-O DATA network cameras: TS-WRLP (firmware ≤ 1.09.04), TS-WRLA (≤ 1.09.04), and TS-WRLP/E (≤ 1.09.04). The issue is use of hardcoded credentials, which may let a remote authenticated attacker execute arbitrary OS commands on the device via an unspecified vector. Aff...

CA Unified Infrastructure Management < 8.48 / 8.53 Multiple Vulnerabilities (CA20180829-02)

According to its self-reported version number from the CA Unified Infrastructure Management UIM application running on the remote host is prior to 8.48 or 8.53. It is, therefore, affected by multiple vulnerabilities : - A hardcoded secret key exists that could allow information disclosure...

Hardcoded credentials

Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by...

CVE-2018-16546

Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by...

CVE-2018-16546

Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by...

PLANEX CS-W50HD Hardcoded Credentials Vulnerability (HTTP)

PLANEX CS-W50HD network camera are using hardcoded credentials for the HTTP login. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CA Unified Infrastructure Management Hardcoded Key Vulnerability

CA Unified Infrastructure Management is a powerful unified IT monitoring solution that helps organizations deliver reliable, flexible IT services. A hard-coded key vulnerability exists in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, which can be exploited by an attacker to access...

Hardcoded credentials

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

CVE-2018-13820

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

CVE-2018-13819

A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

CVE-2018-13819

A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

CVE-2018-13820

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

Hardcoded credentials

A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

CVE-2018-13819

A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information...

CVE-2018-13820

CVE-2018-13820 affects CA Unified Infrastructure Management (UIM) versions 8.5.1, 8.5, and 8.4.7 due to a hardcoded passphrase, which could allow an attacker to access sensitive information. The vulnerability is described across multiple sources (NVD/NVD-derived, CNVD, CNVD-related listings), wit...

CVE-2018-13819

CA Unified Infrastructure Management (UIM) versions 8.5.1, 8.5, and 8.4.7 contain a hardcoded secret key that could allow an attacker to access sensitive information. This CVE (CVE-2018-13819) is corroborated by the NVD entry and the CA/Tenable advisories, which also reference additional vulnerab...

Hardcoded credentials

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by...

Hardcoded credentials

Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2017-9821

The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM for SMS validation, which makes it easier for attackers to bypass authentication...

Authentication flaw

The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM for SMS validation, which makes it easier for attackers to bypass authentication...