Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2026/05/28 6:34 p.m.10 views

CVE-2026-45041 RustFS: Hard-coded RSA private key in license verifier permits arbitrary license forgery

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

8.7CVSS5.9AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2026/05/28 6:34 p.m.22 views

CVE-2026-45041

CVE-2026-45041 affects RustFS prior to 1.0.0-beta.2, where crates/appauth/src/token.rs embeds a 2048-bit RSA private key (TEST_PRIVATE_KEY) as a string constant and uses it in production to verify licenses. This allows anyone who can read the source or extract the key from binaries to mint arbitr...

8.7CVSS5.9AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2023/08/03 7:15 a.m.2 views

CVE-2023-21410

User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution...

8.8CVSS7.4AI score0.00749EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/03 6:48 a.m.10 views

CVE-2023-21409 Insufficient file permissions leak administrator-privileged credentials in AXIS License Verifier ACAP

Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application...

8.4CVSS7AI score0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/03 6:48 a.m.24 views

CVE-2023-21409 Insufficient file permissions leak administrator-privileged credentials in AXIS License Verifier ACAP

Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application...

8.4CVSS9.7AI score0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/03 6:45 a.m.22 views

CVE-2023-21408 Insufficient file permissions leak user credentials of 3rd party integration interfaces in AXIS License Verifier ACAP

Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems...

8.4CVSS9.6AI score0.00564EPSS
Exploits0References1
Rows per page
Query Builder