EUVD-2026-29438

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

CVE-2026-7428

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

CVE-2026-7428 Insecure default administrative credentials in AlloyDB for PostgreSQL

Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required...

EUVD-2020-1524

Malware in sbrugna...

EUVD-2017-15742

Malware in sbrugna...

CVE-2024-48272

D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack...

CVE-2020-0016

In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-171413483...

CVE-2025-1960

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interfa...

D-Link DSL6740C 安全漏洞

The D-Link DSL6740C is a wireless router developed by D-link. The D-Link DSL6740C suffers from a security vulnerability that stems from the use of an insecure default wifi password, which can be exploited by an attacker to gain unauthorized access to the system...

IBM Data Risk Manager Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...

CVE-2020-0019

In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-171413798...

ASB-A-171413798

In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

RCE Exploit Released for IBM Data Risk Manager

UPDATED Four serious security vulnerabilities in the IBM Data Risk Manager IDRM have been identified that can lead to unauthenticated remote code execution RCE as root in vulnerable versions, according to analysis – and a proof-of-concept exploit is available. IBM weighed in on the problem this...

Researcher Discloses 4 Zero-Day Bugs in IBM's Enterprise Security Software

A cybersecurity researcher today publicly disclosed technical details and PoC for 4 unpatched zero-day vulnerabilities affecting an enterprise security software offered by IBM after the company refused to acknowledge the responsibly submitted disclosure. The affected premium product in question i...

CVE-2017-6687

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system, aka an Insecure Default Password Vulnerability. More Information:...

CVE-2017-6688

CVE-2017-6688 affects Cisco Elastic Services Controller (ESC). A vulnerability exists due to an insecure default password for the Linux root account, enabling an authenticated, remote attacker to log in as root on an affected ESC instance. Known affected release: 2.2(9.76). Cisco Security Advisor...

CVE-2017-6687

The CVE-2017-6687 vulnerability affects Cisco Ultra Services Framework Element Manager. An authenticated, remote attacker with access to the management network could log in to the affected device using default credentials that are present on the system (Insecure Default Password Vulnerability). C...

A-A-S Application Access Server Multiple Vulnerabilities

According to its version number, the remote version of A-A-S Application Access Server is prone to multiple security issues including a cross-site request-forgery vulnerability, an insecure-default-password vulnerability and an information-disclosure vulnerability. Attackers can exploit these...

Sambar Server 4.x5.0 - Insecure Default Password Protection

Sambar Server 4.x5.0 - Insecure Default Password Protection source: https://www.securityfocus.com/bid/3095/info Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems. Sambar Server provides insecure default protection for user passwords. The default password...