EUVD-2025-206369

The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...

CVE-2025-59102 Secrets Stored in Plaintext in Database in dormakaba access manager

The web server of the Access Manager offers a functionality to download a backup of the local database stored on the device. This database contains the whole configuration. This includes encrypted MIFARE keys, card data, user PINs and much more. The PINs are even stored unencrypted. Combined with...

EUVD-2025-4171

Malicious code in bioql PyPI...

CVE-2023-49232

CVE-2023-49232 affects Stilog Visual Planning 8. An unauthenticated attacker can bypass authentication by brute-forcing administrative password reset PINs, enabling account access via the Visual Planning app. The vulnerability impacts the password-reset flow and can lead to administrative comprom...

CVE-2003-1276

Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEYCURRENTUSER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts...

CVE-2003-1276

Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEYCURRENTUSER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts...