Lucene search
K

137 matches found

NVD
NVD
added 2024/11/18 10:15 p.m.34 views

CVE-2024-51051

AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account...

9.8CVSS0.00452EPSS
Exploits0References2
OSV
OSV
added 2024/08/13 11:15 a.m.5 views

CVE-2024-40697

IBM Common Licensing 9.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 297895...

7.5CVSS5.8AI score0.00489EPSS
Exploits0References2
OSV
OSV
added 2024/03/03 1:15 p.m.7 views

CVE-2024-22355

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 280781...

5.9CVSS5.8AI score0.0041EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.5 views

PT-2024-2064 · Hitron · Coda-4589 +1

Name of the Vulnerable Software and Affected Versions: Hitron CODA-4582 and CODA-4589 devices affected versions not specified Description: The issue is related to insufficient entropy due to the use of default PSKs, which are generated from 5-digit hex values concatenated with a "Hitron" substrin...

9.8CVSS6.9AI score0.00864EPSS
Exploits0References13
CNNVD
CNNVD
added 2024/02/07 12:0 a.m.6 views

IBM Security Access Manager Container Security Vulnerability

IBM Security Access Manager Container is a containerized identity and access management solution from International Business Machines IBM. A security vulnerability exists in IBM Security Access Manager Container that stems from not requiring docker images to have strong passwords by default, whic...

7.5CVSS6.5AI score0.00532EPSS
Exploits1References3
0day.today
0day.today
added 2023/06/12 12:0 a.m.270 views

Anevia Flamingo XL/XS 3.6.x Default / Hardcoded Credentials Vulnerability

Anevia Flamingo XL/XS versions 3.6.20 and 3.2.9 have a weak set of default and hardcoded administrative credentials that can be easily guessed in remote password attacks and gain full control of the system. Anevia Flamingo XL/XS 3.6.x Default/Hard-coded Credentials Vendor: Ateme Product web page:...

7.4AI score
Exploits0
CVE
CVE
added 2023/04/13 12:0 a.m.70 views

CVE-2023-27746

CVE-2023-27746 affects BlackVue DR750-2CH LTE (v.1.012_2022.10.26). The issue is a weak default passphrase that can be cracked via brute force if the WPA2 handshake is intercepted, enabling unauthorized access. Exploitation status is not provided in the documents. Remediation guidance is present ...

9.8CVSS9.3AI score0.01752EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/01/23 3:15 p.m.18 views

CVE-2021-43444

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key...

7.5CVSS7.5AI score
Exploits0References3
CNNVD
CNNVD
added 2022/08/18 12:0 a.m.3 views

Contract Management System 授权问题漏洞

Contract Management System is a contract management system. It enables companies to create new contracts and track the status of existing contracts to ensure that employees, vendors, and customers meet defined requirements. A security vulnerability exists in Contract Management System version v2....

7.5CVSS7.3AI score0.00689EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/18 12:0 a.m.4 views

PT-2022-22628 · Unknown · Contract Management System

Name of the Vulnerable Software and Affected Versions: Contract Management System version 2.0 Description: The issue is related to a weak default password in the Contract Management System, which allows attackers to access database connection information. Recommendations: For Contract Management...

7.5CVSS7.4AI score0.00689EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.6 views

IBM Robotic Process Automation 安全漏洞

IBM Robotic Process Automation is a robotic process automation product from IBM USA. IBM Robotic Process Automation versions 21.0.0, 21.0.1 and 21.0.2 have a security vulnerability that stems from the fact that users are not required to have strong passwords by default, which can be exploited by...

9.8CVSS6.7AI score0.00669EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/04 12:0 a.m.5 views

CVE-2022-35280

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634...

9.8CVSS5.8AI score0.00669EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/06/02 2:15 p.m.3 views

CVE-2022-29729

Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page...

7.5CVSS7.1AI score0.01418EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.7 views

Lenovo Personal Cloud Storage 信任管理问题漏洞

Lenovo Personal Cloud Storage Lenovo Personal Cloud Storage is a personal cloud storage from Lenovo China.Lenovo Personal Cloud Storage is vulnerable to a trust management issue, which stems from a weak default administrator password for the web interface and serial port, which could be exploited...

8.8CVSS5.4AI score0.00233EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/18 12:0 a.m.7 views

PT-2022-11704 · Lenovo · Lenovo Personal Cloud Storage

Name of the Vulnerable Software and Affected Versions: Lenovo Personal Cloud Storage devices affected versions not specified Description: A weak default password for the serial port was reported, which could allow unauthorized device access to an attacker with physical access. Recommendations: At...

6.8CVSS6.5AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.6 views

Lenovo Personal Cloud Storage 授权问题漏洞

Lenovo Personal Cloud Storage is a cloud storage platform from Lenovo, a Chinese company. Lenovo Personal Cloud Storage is vulnerable to a trust management issue that stems from a weak default password for the serial port in the device, which could be exploited by an attacker to gain physical...

6.8CVSS5.4AI score0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/01/25 8:55 p.m.30 views

CVE-2021-43799 RabbitMQ exposes ports with weak default secrets in Zulip Server

Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation until first reboot, or restart of RabbitMQ does not successfully limit the default ports which RabbitMQ opens; this...

8.6CVSS9.8AI score0.05386EPSS
Exploits1References4
OSV
OSV
added 2021/12/06 4:15 a.m.4 views

CVE-2021-43044

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was configured with a weak default community...

9.8CVSS5.8AI score
Exploits0References3
NVD
NVD
added 2021/12/06 4:15 a.m.27 views

CVE-2021-43044

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was configured with a weak default community...

9.8CVSS0.01862EPSS
Exploits1References3
Prion
Prion
added 2021/12/06 4:15 a.m.24 views

Default credentials

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was configured with a weak default community...

7.5CVSS9.3AI score0.01862EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder