15 matches found
Exploit for CVE-2026-21847
CVE-2026-21847: Hardcoded AES Encryption Key in DPDC Customer...
CVE-2026-24772
OpenProject is an open-source, web-based project management software. To enable the real time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenPrioject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...
CVE-2026-24772
OpenProject is an open-source, web-based project management software. To enable the real time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenPrioject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...
CVE-2026-24772 OpenProject has SSRF and CSWSH in Hocuspocus Synchronization Server
OpenProject is an open-source, web-based project management software. To enable the real time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenPrioject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...
CVE-2026-24772
OpenProject 17.0 introduced a synchronization server that exchanges an encrypted authentication token with the backend. The backend generates a 24-hour token, encrypted with a shared secret, which the frontend passes to the synchronization server. The synchronization server fails to validate the ...
CVE-2026-24772 OpenProject has SSRF and CSWSH in Hocuspocus Synchronization Server
OpenProject is an open-source, web-based project management software. To enable the real time collaboration on documents, OpenProject 17.0 introduced a synchronization server. The OpenPrioject backend generates an authentication token that is currently valid for 24 hours, encrypts it with a share...
CVE-2025-52268
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
CVE-2025-52268
StarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid login tokens...
StarCharge Artemis AC Charger 安全漏洞
StarCharge Artemis AC Charger is an AC charger from StarCharge Singapore. A security vulnerability exists in the StarCharge Artemis AC Charger version 7-22 kW 1.0.4, which stems from the use of a hard-coded AES key, which could allow an attacker to forge or decrypt a valid login token...
PT-2025-43959
Name of the Vulnerable Software and Affected Versions StarCharge Artemis AC Charger version 1.0.4 Description The StarCharge Artemis AC Charger version 1.0.4 contains a hardcoded AES key. This allows attackers to forge or decrypt valid login tokens. Recommendations At the moment, there is no...
EUVD-2020-19058
Malware in sbrugna...
CVE-2025-55619
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering...
CVE-2025-55619
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering...
PT-2025-34450 · Reolink · Reolink
Name of the Vulnerable Software and Affected Versions: Reolink version 4.54.0.4.20250526 Description: The Reolink application contains a hardcoded encryption key and initialization vector. This allows an attacker to decrypt access tokens and web session tokens through reverse engineering...
Reolink App 安全漏洞
Reolink App is a mobile application from Reolink USA. A security vulnerability exists in Reolink App version v4.54.0.4.20250526, which stems from the use of hard-coded encryption keys and initialization vectors, which could lead to the decryption of access tokens and session tokens...