Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-31 | CVE-2021-42635 | Use of Hard-coded Credentials vulnerability in Printerlogic web Stack 19.1.1.13 PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution. | 8.1 |
| 2022-01-31 | CVE-2020-36064 | Use of Hard-coded Credentials vulnerability in Online Course Registration Project Online Course Registration 1.0 Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. | 9.8 |
| 2022-01-28 | CVE-2022-21199 | Use of Hard-coded Credentials vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W v3.0.0.136_20121102. | 5.9 |
| 2022-01-21 | CVE-2021-23233 | Use of Hard-coded Credentials vulnerability in Fresenius-Kabi products Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. | 9.8 |
| 2022-01-21 | CVE-2021-44464 | Use of Hard-coded Credentials vulnerability in Fresenius-Kabi products Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. | 8.8 |
| 2022-01-21 | CVE-2022-22928 | Use of Hard-coded Credentials vulnerability in Mingsoft Mcms 5.2.4 MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key and execute arbitrary code. | 9.8 |
| 2022-01-19 | CVE-2021-23842 | Use of Hard-coded Credentials vulnerability in Bosch products Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. | 7.1 |
| 2022-01-17 | CVE-2022-0131 | Use of Hard-coded Credentials vulnerability in Jmty Jimoty Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. | 3.3 |
| 2022-01-14 | CVE-2022-22056 | Use of Hard-coded Credentials vulnerability in Le-Yan Dental Management System Project Le-Yan Dental Management System 2.8.5 The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service. | 9.8 |
| 2022-01-11 | CVE-2021-43052 | Use of Hard-coded Credentials vulnerability in Tibco FTL The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows authentication bypass due to a hard coded secret used in the default realm server of the affected system. | 7.5 |