Lucene search
K

29 matches found

CERT
CERT
added 2026/03/24 12:0 a.m.6 views

Hard coded credentials vulnerability in GoHarbor's Harbor

Overview GoHarbor's Harbor default admin password presents a security risk because it does not require change upon initial deployment. Description GoHarbor's Harbor is an open-source OCI-compliant container registry project that stores, signs, and manages container images. Harbor initializes with...

9.4CVSS6.5AI score0.00498EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/09 9:31 p.m.4 views

EUVD-2026-10346

An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26cn. An unauthenticated attacker can access the /cgi-bin/DownloadCfg/RouterCfm.jpg endpoint to download the configuration file containing plaintext administrator credentials, leading to sensitive information disclosure and...

6AI score0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.15 views

PT-2026-22725

OpenMQ exposes a TCP-based management service imqbrokerd that by default requires authentication. However, the product ships with a default administrative account admin/ admin and does not enforce a mandatory password change on first use. After the first successful login, the server continues to...

9.8CVSS6AI score0.00402EPSS
Exploits0References1
OSV
OSV
added 2026/02/27 6:16 p.m.4 views

CVE-2026-27751

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement t...

9.8CVSS5.8AI score0.00449EPSS
Exploits0References2
CVE
CVE
added 2026/02/27 6:7 p.m.10 views

CVE-2026-27751

SODOLA SL902-SWTGW124AS firmware versions up to 200.1.20 contain a default credentials vulnerability that lets remote attackers obtain administrative access to the management interface. The issue arises from hardcoded default credentials and lack of password-change enforcement, enabling full admi...

9.8CVSS6AI score0.00449EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-0917

Malware in sbrugna...

5.5CVSS6.2AI score0.01018EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-5776

Malware in sbrugna...

10CVSS6.3AI score0.02306EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.23 views

EUVD-2015-7828

Malware in sbrugna...

10CVSS9.1AI score0.02521EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 11:15 a.m.4 views

CVE-2013-2352

LeftHand OS aka SAN iQ 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time...

9.4CVSS7AI score0.03905EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.170 views

Eaton Xpert Meter SSH Private Key Exposure Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework XXX: This shouldn't be necessary but is now require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'Eaton Xpert Meter SSH Private Key Exposure Scanner'...

10CVSS7.1AI score0.34929EPSS
Exploits3
F5 Networks
F5 Networks
added 2023/02/21 6:26 p.m.35 views

K8420: ClamAV buffer overflow vulnerabilities - CVE-2007-6335, CVE-2007-6336

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

7.5CVSS9.6AI score0.18382EPSS
Exploits4
Packet Storm
Packet Storm
added 2016/10/28 12:0 a.m.63 views

Lupusec XT1 1.0.80 XSS / CSRF / DoS / Insecure Transit

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 === FOXMOLE - Security Advisory 2016-07-20 === Lupusec XT1 Alarm System - Multiple Issues Affected Versions ================= Lupusec XT1 fw 1.0.80 Issue Overview ============== Vulnerability Type: Cross Site Scripting, Cross Site Request Forgery,...

7.8CVSS6.6AI score0.76396EPSS
Exploits8
OSV
OSV
added 2016/08/31 3:59 p.m.3 views

CVE-2016-5678

NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors...

9.8CVSS5.8AI score0.08682EPSS
Exploits4References3
VulnCheck KEV
VulnCheck KEV
added 2015/12/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2015-7755

Juniper ScreenOS contains an improper authentication vulnerability that could allow unauthorized remote administrative access to the device...

10CVSS7.4AI score0.614EPSS
Exploits7References1
OpenVAS
OpenVAS
added 2015/12/21 12:0 a.m.63 views

Backdoor in ScreenOS (SSH)

ScreenOS is vulnerable to an unauthorized remote administrative access to the device over SSH or telnet. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

10CVSS8.1AI score0.614EPSS
Exploits7References4
ThreatPost
ThreatPost
added 2015/12/17 6:30 p.m.11 views

Juniper Patches ScreenOS Backdoor

Juniper Networks today has released an emergency patch that removes what it’s calling “unauthorized code” from ScreenOS that could allow attackers to decrypt VPN traffic from NetScreen devices. Juniper has not commented on the origin of the code it found. However, Juniper’s products were singled...

1.1AI score
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Western Digital My Net Wireless Routers - Password Disclosure

No description provided by source. Vulnerable Systems: Western Digital My Net Series Wireless Routers: N600 Firmware 1.03.12 N600 Firmware 1.04.16 N750 Firmware 1.03.12 N750 Firmware 1.04.16 N900 Firmware 1.05.12 N900 Firmware 1.06.18 N900 Firmware 1.06.28 N900C Firmware 1.05.12 N900C Firmware...

4.3CVSS6.5AI score0.04555EPSS
Exploits5
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.101 views

ASUS router drive-by code execution via XSS and authentication bypass

ASUS router drive-by code execution via XSS and authentication bypass ===================================================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/asus-router-auth-bypass.txt Overview -------- Various ASUS routers contai...

0.2AI score0.00739EPSS
Exploits2
Packet Storm
Packet Storm
added 2014/02/22 12:0 a.m.115 views

ASUS Router Authentication Bypass / Cross Site Scripting

ASUS router drive-by code execution via XSS and authentication bypass ===================================================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/asus-router-auth-bypass.txt Overview -------- Various ASUS routers contai...

0.4AI score0.00739EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2013/08/15 12:0 a.m.30 views

Western Digital My Net Router main_internet.php Admin Credential Disclosure

The web server for the Western Digital My Net router identified is affected by an information disclosure vulnerability. The admin password is stored in plaintext as the value for 'var pass'. This can be found in the source code for the 'maininternet.php' page. An unauthenticated, remote attacker...

4.3CVSS5.6AI score0.04555EPSS
Exploits5References3
Rows per page
Query Builder