7549 matches found
CVE-2016-9013
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
ALPINE-CVE-2016-9013
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
DEBIAN-CVE-2016-9013
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
Hardcoded credentials
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
PYSEC-2016-17
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
Hardcoded credentials
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWEDHOSTS...
CVE-2016-9013
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
CVE-2016-9013
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
Sony Closes Backdoors in IP-Enabled Cameras
Sony, in late November, provided a firmware update for a popular IP-enabled camera line used by enterprises and law enforcement alike that closed off remote administration backdoors. The backdoors could be abused to draft these devices into botnets or allow for manipulation of images and...
BlackStratus LOGStorm Hardcoded 'webserveruser' Credentials (HTTP)
BlackStratus LOGStorm has hardcoded credentials SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:blackstratus:logstorm";...
CVE-2016-2948
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...
CVE-2016-2948
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...
CVE-2016-2948
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...
Hardcoded credentials
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...
CVE-2016-2948
IBM BigFix Remote Control (before 9.1.3) is affected by CVE-2016-2948: a local information-disclosure vulnerability where hardcoded credentials can be discovered by a local attacker via unspecified vectors. Affected version range includes 9.1.2 and earlier; impact is local confidentiality and int...
CVE-2016-2948
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...
ExpressPay pul kisəsi - Dangerous filesystem permissions, Hardcoded secrets, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application ExpressPay pul kisəsi published at the 'play' market has multiple vulnerabilities...
Crestron AM-100 - Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits ================================================================= Crestron AM-100 Multiple Vulnerabilities ================================================================= Exploit Author: Zach Lanier Vendor Homepage:...
Crestron AirMedia AM-100 1.1.1.11 - 1.2.1 Multiple Vulnerabilities - Active Check
Crestron AirMedia AM-100 devices are prone to multiple vulnerabilities. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Crestron AM-100 - Multiple Vulnerabilities
================================================================= Crestron AM-100 Multiple Vulnerabilities ================================================================= Date: 2016-08-01 Exploit Author: Zach Lanier Vendor Homepage: https://www.crestron.com/products/model/am-100 Version:...