Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-01 | CVE-2023-28937 | Use of Hard-coded Credentials vulnerability in Saison Dataspider Servista DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. | 8.8 |
| 2023-05-30 | CVE-2023-31184 | Use of Hard-coded Credentials vulnerability in Rozcom Client ROZCOM client CWE-798: Use of Hard-coded Credentials | 7.8 |
| 2023-05-24 | CVE-2023-1944 | Use of Hard-coded Credentials vulnerability in Kubernetes Minikube This vulnerability enables ssh access to minikube container using a default password. | 7.8 |
| 2023-05-23 | CVE-2023-27512 | Use of Hard-coded Credentials vulnerability in Contec Sv-Cpt-Mc310 Firmware and Sv-Cpt-Mc310F Firmware Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions prior to Ver.8.10, which may allow a remote authenticated attacker to login the affected product with an administrative privilege and perform an unintended operation. | 7.2 |
| 2023-05-23 | CVE-2023-27921 | Use of Hard-coded Credentials vulnerability in Jins Meme Firmware 2.2.0 JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may lead to data acquired by a sensor of the affected product being decrypted by a network-adjacent attacker. | 6.5 |
| 2023-05-22 | CVE-2023-33236 | Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0 MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. | 9.8 |
| 2023-05-10 | CVE-2023-30352 | Use of Hard-coded Credentials vulnerability in Tenda CP3 Firmware 11.10.00.2211041355 Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. | 9.8 |
| 2023-05-03 | CVE-2023-26203 | Use of Hard-coded Credentials vulnerability in Fortinet Fortinac and Fortinac-F A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access to the database via shell commands. | 7.8 |
| 2023-05-02 | CVE-2023-26089 | Use of Hard-coded Credentials vulnerability in Echa.Europa Iuclid European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing. | 9.8 |
| 2023-04-28 | CVE-2022-41397 | Use of Hard-coded Credentials vulnerability in Sage 300 The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard-coded 40-byte blowfish key ("LandlordPassKey") to encrypt and decrypt secrets stored in configuration files and in database tables. | 9.8 |