Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-29 | CVE-2024-49806 | Use of Hard-coded Credentials vulnerability in IBM Security Verify Access IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 9.8 |
| 2024-11-13 | CVE-2024-7295 | Use of Hard-coded Credentials vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. | 6.2 |
| 2024-11-08 | CVE-2024-11026 | Use of Hard-coded Credentials vulnerability in Free-Now Freenow 12.10.0 A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. | 7.4 |
| 2024-11-06 | CVE-2024-10920 | Use of Hard-coded Credentials vulnerability in Mariazevedo88 Travels-Java-Api A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. | 3.7 |
| 2024-11-04 | CVE-2024-10748 | Use of Hard-coded Credentials vulnerability in Cosmote What'S UP 4.47.3 A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. | 4.7 |
| 2024-11-01 | CVE-2024-51431 | Use of Hard-coded Credentials vulnerability in Lb-Link Bl-Wr1300H Firmware 1.0.4 LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable. | 9.8 |
| 2024-10-30 | CVE-2024-28875 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 8.1 |
| 2024-10-30 | CVE-2024-31151 | Use of Hard-coded Credentials vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. | 9.8 |
| 2024-10-29 | CVE-2024-45656 | IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credentials which may allow network users to gain service privileges to the FSP. | 9.8 |
| 2024-10-23 | CVE-2024-20412 | Use of Hard-coded Credentials vulnerability in Cisco Firepower Threat Defense A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. | 8.4 |