Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executable. This secret is used by the application’s encryption routines, including the function responsible for d
CVE-2026-22906
CRITICAL CVSS 9.8
Find Similar
User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords
A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An
CVE-2024-50588
CRITICAL CVSS 9.8
Find Similar
An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the datab
A vulnerability was identified in MEPIS RM, an industrial software product developed by Metronik. The application contained a hardcoded cryptographic key within the Mx.Web.ComponentModel.dll component
CVE-2024-4996
CRITICAL CVSS 9.3
Find Similar
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is s
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical acros
User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numb
The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confide
User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numb
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach a
Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll (Veramark.Core.Config class). These keys are used to encrypt the password of the s
A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server applications store user passwords encrypted in its database. Decryption keys are accessible to users wit
The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database ser
User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numb
The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by
CVE-2024-10025
CRITICAL CVSS 9.1
Find Similar
A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK pr
Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An atta
The program libraries (DLL) and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algori
A flaw has been found in code-projects Hospital Management System 1.0. Affected is the function session of the component express-session. This manipulation of the argument secret with the input secret
Page 1+ Next →