CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (S
A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2.
This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1.
CWE-798: Use of Hard-coded Credentials
UNI-NMS-Lite uses hard-coded credentials that could allow an
unauthenticated attacker to read, manipulate and create entries in the
managed database.
An authenticated administrator who configures or tests LDAP connectivity in Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1 may be able to initiate unintended server-side connections w
UNI-NMS-Lite uses hard-coded credentials that could allow an
unauthenticated attacker to gain administrative privileges to all
UNI-NMS managed devices.
A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code,
CWE-798 Use of Hard-coded Credentials
An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.
A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victi
Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstre
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: t
A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.
A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1)
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port.
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could lead to loss of
confidentiality when a malicious user, having physical access, sets the radio in factory
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an
attacker to execute unauthorized commands when a system’s default password credentials have not
A use of hard-coded credentials vulnerability in Fortinet FortiWeb 7.6.0, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker with shell
Page 1+ Next →