Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-28 | CVE-2023-49228 | Use of Hard-coded Credentials vulnerability in Peplink Balance TWO Firmware 8.1.0 An issue was discovered in Peplink Balance Two before 8.4.0. | 6.4 |
| 2023-12-27 | CVE-2023-46918 | Use of Hard-coded Credentials vulnerability in Fedirtsapana Simple Http Server Plus 1.8.1Plus Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android manifest file that contains an entry with the android:allowBackup attribute set to true. | 4.6 |
| 2023-12-27 | CVE-2023-46919 | Use of Hard-coded Credentials vulnerability in Fedirtsapana Simple Http Server and Simple Http Server Plus Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. | 6.3 |
| 2023-12-26 | CVE-2023-46711 | Use of Hard-coded Credentials vulnerability in Buffalo Vr-S1000 Firmware VR-S1000 firmware Ver. | 4.6 |
| 2023-12-25 | CVE-2023-40236 | Use of Hard-coded Credentials vulnerability in Pexip Virtual Meeting Rooms In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass. | 5.3 |
| 2023-12-20 | CVE-2023-47704 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0 IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. | 7.5 |
| 2023-12-19 | CVE-2023-43870 | Use of Hard-coded Credentials vulnerability in Paxton-Access Net2 6.02/6.07 When installing the Net2 software a root certificate is installed into the trusted store. | 9.8 |
| 2023-12-15 | CVE-2023-48388 | Use of Hard-coded Credentials vulnerability in Multisuns Easylog Web+ Firmware 1.13.2.8 Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. | 9.8 |
| 2023-12-15 | CVE-2023-48374 | Use of Hard-coded Credentials vulnerability in Csharp CWS Collaborative Development Platform 10.25 SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard-coded for a specific account with low privilege. | 6.5 |
| 2023-12-12 | CVE-2023-36647 | Use of Hard-coded Credentials vulnerability in Prolion Cryptospike 3.0.15 A hard-coded cryptographic private key used to sign JWT authentication tokens in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate arbitrary users and roles in web management and REST API endpoints via crafted JWT tokens. | 7.5 |