234 matches found
CVE-2026-25600 Credential Exposure Vulnerability in Trac PDBM
The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executable. This secret is used by the application’s encryption routines, including the function responsible for decrypting credentials stored in the product’s configuration file. Because the secret is constant...
Exploit for Path Traversal in Mikrotik Routeros
Ferramentas de Pentest — /rede Repositório de scripts para au...
CVE-2026-7807
SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/type API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms...
CVE-2026-7807
SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/type API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms...
EUVD-2018-21789
ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions. Attackers can connect to the database using default connector credentials, decrypt the DBA password, and execute commands v...
CVE-2018-25272
ELBA5 5.8.0 contains a Remote Code Execution vulnerability via database access. The issue allows an attacker to obtain database credentials, decrypt the DBA password, and run commands with SYSTEM-level permissions. Exploitation could occur by connecting with default connector credentials and usin...
📄 Spectrum ANOG Device Credential Extraction / Command Injection
This Metasploit auxiliary module targets Spectrum/ANOG devices and combines credential extraction, password decryption, and remote command execution through an authenticated command injection flaw...
MEPIS RM 安全漏洞
MEPIS RM is a management platform developed by the Slovenian company MEPIS, used for centralized monitoring and remote control of devices. There is a security vulnerability in MEPIS RM, which stems from the hardcoded encryption key present in the Mx.Web.ComponentModel.dll component. This...
EulerOS Virtualization 2.12.0 : openssl (EulerOS-SA-2026-1507)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...
CVE-2025-57796
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained...
CVE-2025-25051 AutomationDirect CLICK Programmable Logic Controller Plaintext Storage of a Password
An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks...
CVE-2021-22640
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...
CVE-1999-0476
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user...
OESA-2025-2502 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary:...
EUVD-2004-1020
Malware in sbrugna...
EUVD-2003-0736
Malware in sbrugna...
EUVD-2020-28640
Malware in sbrugna...
EUVD-2020-20574
Malware in sbrugna...
EUVD-2001-0984
Malware in sbrugna...
EUVD-1999-0469
Malware in sbrugna...