Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hard-coded vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-51588
This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exi...
NA
CVE-2005-2611
VERITAS Backup Exec for Windows Servers 8.6 up to and including 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 up to and including 5.1 uses a static password during authentication from the NDMP agent to the server, which allow...
Symantec Veritas Backup Exec Netware Servers 9.0.4170
Symantec Veritas Backup Exec Netware Servers 9.0.4172
Symantec Veritas Backup Exec Netware Servers 9.1.1152 .4
Symantec Veritas Backup Exec Netware Servers 9.1.1154
Symantec Veritas Backup Exec Windows Servers 8.6
Symantec Veritas Backup Exec Windows Servers 9.0
Symantec Veritas Backup Exec Windows Servers 9.1 Rev. 4691 Sp2
Symantec Veritas Backup Exec Remote Agent Netware Server
Symantec Veritas Netbackup Netware Media Servers 4.5 Fp5
Symantec Veritas Netbackup Netware Media Servers 4.5 Fp6
Symantec Veritas Netbackup Netware Media Servers 4.5 Mp5
Symantec Veritas Netbackup Netware Media Servers 4.5 Mp6
Symantec Veritas Netbackup Netware Media Servers 5.0 Mp4
Symantec Veritas Netbackup Netware Media Servers 5.0 Mp5
Symantec Veritas Netbackup Netware Media Servers 5.1
Symantec Veritas Backup Exec Netware Servers 9.1.1067 .2
Symantec Veritas Backup Exec Netware Servers 9.1.1067 .3
Symantec Veritas Backup Exec Netware Servers 9.1.1127 .1
Symantec Veritas Backup Exec Netware Servers 9.1.307
Symantec Veritas Backup Exec Windows Servers 10.0 Rev. 5484
Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454
Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454 Sp1
1 EDB exploit
9.8
CVSSv3
CVE-2019-13352
WolfVision Cynap prior to 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN pass...
Wolfvision Cynap
7.8
CVSSv3
CVE-2016-6434
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
Cisco Firepower Management Center 6.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2021-33219
An issue exists in CommScope Ruckus IoT Controller 1.7.1.0 and previous versions. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
Commscope Ruckus Iot Controller
9.1
CVSSv3
CVE-2019-15304
Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an malicious user to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermome...
Progradegrill Wifi Grilling Thermometer Firmware 1.00 50006
8.4
CVSSv3
CVE-2018-0141
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local malicious user to log in to the underlying Linux operating system. The vulnerability is due to a hard-coded account password on the system. An attacker could exploi...
Cisco Prime Collaboration Provisioning 11.6
Cisco Prime Collaboration 11.6
Cisco Prime Collaboration Assurance 11.6
1 Article
7.5
CVSSv3
CVE-2016-5639
Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware prior to 1.4.0.13 allows remote malicious users to read arbitrary files via a .. (dot dot) in the src parameter.
Crestron Airmedia Am-100 Firmware
1 EDB exploit
1 Github repository
NA
CVE-2012-1803
RuggedCom Rugged Operating System (ROS) 3.10.x and previous versions has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote malicious users to obtain access by performing a calculation on this address value, and th...
Siemens Ruggedcom Rugged Operating System
1 EDB exploit
7.8
CVSSv3
CVE-2022-42973
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software (Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions p...
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »