Vulnerabilities > Use of Hard-coded Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-03 | CVE-2023-34284 | Use of Hard-coded Credentials vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. | 6.3 |
| 2024-04-19 | CVE-2024-29966 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. | 9.8 |
| 2024-04-19 | CVE-2024-29960 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav In Brocade SANnav server before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are identical in the VM every time SANnav is installed. | 7.5 |
| 2024-04-19 | CVE-2024-29963 | Use of Hard-coded Credentials vulnerability in Broadcom Brocade Sannav Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. | 3.8 |
| 2024-04-17 | CVE-2024-21990 | Use of Hard-coded Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials. | 9.8 |
| 2024-03-13 | CVE-2024-28194 | Use of Hard-coded Credentials vulnerability in Yooooomi Your Spotify your_spotify is an open source, self hosted Spotify tracking dashboard. | 9.8 |
| 2024-02-15 | CVE-2024-0390 | Use of Hard-coded Credentials vulnerability in Inprax Izzi Connect INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. | 9.8 |
| 2024-02-15 | CVE-2023-4539 | Use of Hard-coded Credentials vulnerability in Comarch ERP XL Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. | 7.5 |
| 2024-02-07 | CVE-2023-38995 | Use of Hard-coded Credentials vulnerability in Schuhfried 8.22.00 An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command. | 9.8 |
| 2024-02-06 | CVE-2024-22853 | Use of Hard-coded Credentials vulnerability in Dlink Go-Rt-Ac750 Firmware 101B03 D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. | 9.8 |