
9 matches found

CNNVD
added 2026/02/27 12:0 a.m. · 6 views

SODOLA SL902-SWTGW124AS Security Vulnerability

SODOLA SL902-SWTGW124AS is an industrial switch produced by the Spanish company SODOLA. Versions of SODOLA SL902-SWTGW124AS prior to version 200.1.20 contain security vulnerabilities. These vulnerabilities stem from the use of the MD5 hash function, which has weak encryption strength. This can...

CVSS 6.9 · AI score 5.8 · EPSS 0.00116
Exploits 0 · References 3
Tenable Nessus
added 2025/08/30 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-58134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These...

CVSS 8.1 · AI score 6.5 · EPSS 0.00441
Exploits 1 · References 3
NVD
added 2025/05/03 4:15 p.m. · 13 views

CVE-2024-58134

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

CVSS 8.1 · EPSS 0.00441
Exploits 1 · References 11
CVE
added 2025/05/03 4:8 p.m. · 76 views

CVE-2024-58134

CVE-2024-58134 (Mojolicious on Perl): Affected versions are Mojolicious 0.999922 and later up to 9.39, where the HMAC session cookie secret is derived from a hard-coded string or the app class name by default. This predictable secret enables an attacker who learns or guesses the secret to forge v...

CVSS 8.1 · AI score 6.2 · EPSS 0.00441
Exploits 1 · References 11 · Affected Software 1
Positive Technologies
added 2025/05/03 12:0 a.m. · 3 views

PT-2025-18947 · Unknown +1 · Mojolicious +1

Name of the Vulnerable Software and Affected Versions: Mojolicious versions 0.999922 through 9.39 Description: The issue concerns the use of a hard-coded string or the application's class name as a HMAC session secret by default in Mojolicious for Perl. This predictable default secret can be...

CVSS 8.1 · AI score 6.2 · EPSS 0.00441
Exploits 1 · References 21
RedhatCVE
added 2025/02/05 10:17 a.m. · 18 views

CVE-2024-3408

man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution (RCE) due to improper input validation. The vulnerability arises from a hardcoded SECRET_KEY in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled...

CVSS 9.8 · AI score 8.4 · EPSS 0.77951
Exploits 5 · References 1
CNNVD
added 2024/06/06 12:0 a.m. · 7 views

D-Tale Input Validation Error Vulnerability

Man Group D-Tale is a pandas data structure visualization tool from Man Group, Inc. An input validation error vulnerability exists in D-Tale, which stems from a hard-coded SECRET_KEY in the flask configuration, which allows an attacker to forge a session cookie if authentication is enabled...

CVSS 9.8 · AI score 7 · EPSS 0.77951
Exploits 5 · References 2
CNNVD
added 2022/04/25 12:0 a.m. · 4 views

TerraMaster FS-210 Trust Management Issue Vulnerability

The Terramaster TerraMaster FS-210 is a NAS (Network Attached Storage) device from Shenzhen, China-based Terramaster Electronics Technology Terramaster. A security vulnerability exists in Terramaster F4-210, F2-210 TOS version 4.2.X 4.2.15-2107141517, which can be exploited to allow an attacker to...

CVSS 8.1 · AI score 8.3 · EPSS 0.08057
Exploits 4 · References 5
Prion
added 2020/09/03 5:15 p.m. · 12 views

Hardcoded credentials

Use of a hard-coded cryptographic key in Pancake versions 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation...

CVSS 5 · AI score 9.3 · EPSS 0.01738
Exploits 0 · References 2 · Affected Software 1