7547 matches found
Tenda AC10 安全漏洞
The Tenda AC10 is a wireless router produced by the Chinese company Tenda. The Tenda AC10 16.03.10.10multiTDE01 version has a security vulnerability. This vulnerability stems from the hardcoded encryption key present in the file/webroot-ro/pem/privkeySrv.pem of the RSA 2048-bit Private Key Handle...
Tenda 4G03 安全漏洞
The Tenda 4G03 is a wireless router produced by the Chinese company Tenda. The Tenda 4G03 Pro 1.0 version, 1.0re version, 01.bin version, and 04.03.01.53 version have security vulnerabilities, which stem from the use of hardcoded encryption keys...
CVE-2025-10681
Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers...
EUVD-2026-18993
The Text to Speech for WP AI Voices by Mementor plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the...
CVE-2026-1233
The Text to Speech for WP AI Voices by Mementor plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the...
CVE-2026-1233 Text to Speech (TTS) by Mementor <= 1.9.8 - Use of Hardcoded Password to Unauthenticated Remote Database Access
The Text to Speech for WP AI Voices by Mementor plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the...
CVE-2026-1233
The Text to Speech for WP AI Voices by Mementor plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the...
CVE-2026-1233 Text to Speech (TTS) by Mementor <= 1.9.8 - Use of Hardcoded Password to Unauthenticated Remote Database Access
The Text to Speech for WP AI Voices by Mementor plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.9.8. This is due to the plugin containing hardcoded MySQL database credentials for the vendor's external telemetry server in the...
CVE-2026-1233
CVE-2026-1233 affects the WordPress plugin Text to Speech for WP (AI Voices by Mementor). All versions up to 1.9.8 contain hardcoded MySQL credentials for the vendor’s external telemetry server in the Mementor_TTS_Remote_Telemetry class, enabling unauthenticated actors to extract and decode these...
GHSA-MCWW-4HXQ-HFR3 LightRAG: Hardcoded JWT Signing Secret Allows Authentication Bypass
Subject: Security Vulnerability Report Hardcoded JWT Secret CVE-2026-30762 Hi HKUDS team, I'm writing to report a security vulnerability I discovered in LightRAG v1.4.10. This has been assigned CVE-2026-30762 by MITRE. Vulnerability: Hardcoded JWT signing secret Type: Improper Authentication...
LightRAG: Hardcoded JWT Signing Secret Allows Authentication Bypass
Subject: Security Vulnerability Report Hardcoded JWT Secret CVE-2026-30762 Hi HKUDS team, I'm writing to report a security vulnerability I discovered in LightRAG v1.4.10. This has been assigned CVE-2026-30762 by MITRE. Vulnerability: Hardcoded JWT signing secret Type: Improper Authentication...
EUVD-2017-18957
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
PT-2026-30344
Name of the Vulnerable Software and Affected Versions Text to Speech for WP AI Voices by Mementor versions up to and including 1.9.8 Description The Text to Speech for WP AI Voices by Mementor plugin for WordPress contains hardcoded MySQL database credentials for the vendor's external telemetry...
CVE-2017-20234
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234
CVE-2017-20234 affects GarrettCom Magnum 6K and 10K managed switches, where an authentication bypass exists due to a hardcoded string in the authentication mechanism. The vulnerability allows unauthenticated attackers to access administrative functions and sensitive switch configuration without v...
CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234 GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
CVE-2017-20234
GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...
EUVD-2025-209213
Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers...
CVE-2025-10681
Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers...