The product contains hard-coded credentials, such as a password or cryptographic key.
1,721 vulnerabilities with CWE-798
CVE-2020-11854
CRITICAL
Microfocus Application Performance Management - Hard-coded Credentials
CVSS 9.8
CVE-2020-27181
MEDIUM
konzept-ix publiXone <2020.015 - Info Disclosure
CVSS 6.5
CVE-2020-26879
CRITICAL
Ruckus vRioT <= 1.5.1.0.21 - Unauthenticated API Backdoor via Hardcoded Authorization Header
CVSS 9.8
CVE-2020-12501
CRITICAL
Pepperl+Fuchs P+F Comtrol - Auth Bypass
CVSS 9.8
CVE-2020-24218
CRITICAL
URayTech IPTV/H.264/H.265 <1.97 - Privilege Escalation
CVSS 9.8
CVE-2020-24215
CRITICAL
HiSilicon IPTV/H.264/H.265 Video Encoder Firmware - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-24620
HIGH
Unisys Stealth(core) <4.0.134 - Info Disclosure
CVSS 7.8
CVE-2020-25749
CRITICAL
Rubetek RV-3406, RV-3409, RV-3411 Firmware v339, v342 - Use of Hard-coded Credentials in Telnet Service
CVSS 9.8
CVE-2020-4622
HIGH
IBM Data Risk Manager < 2.0.6.4 - Use of Hard-coded Credentials
CVSS 7.5
CVE-2020-11857
CRITICAL
Micro Focus Operation Bridge Reporter < 10.40 - Authorization Bypass via Default Credentials
CVSS 9.8
CVE-2020-12789
HIGH
Microchip Atmel ATSAMA5 - Info Disclosure
CVSS 7.5
CVE-2020-25256
CRITICAL
Hyland OnBase Hard-coded Credentials in PKI Certificates
CVSS 9.1
CVE-2020-24876
CRITICAL
Pancake < 4.13.29 - Remote Privilege Escalation via Hard-coded Cryptographic Key
CVSS 9.8
CVE-2020-24115
CRITICAL
Online Book Store 1.0 - Info Disclosure
CVSS 9.8
CVE-2020-3446
CRITICAL
Cisco ENCS 5400-W and CSP 5000-W Series - Unauthenticated Remote Access via Default Credentials
CVSS 9.8
CVE-2020-14510
CRITICAL
GateManager < 9.2c - Unauthenticated Hardcoded Credential Exposure
CVSS 9.8
CVE-2020-24056
HIGH
Verint 5620PTZ, 4320, and S5120FD Firmware - Use of Hard-coded Credentials
CVSS 7.5
CVE-2020-24053
HIGH
Moog EXO Series EXVF5C-2 and EXVP7C2-3 - Use of Hard-coded Credentials
CVSS 7.5
CVE-2020-24574
HIGH
GOG GALAXY <2.0.41 - Privilege Escalation
CVSS 7.8
CVE-2020-16170
HIGH
temi Android app <= 1.3.7931 - Unauthenticated Call Eavesdropping via Hard-coded Credentials
CVSS 7.5
CVE-2020-13793
CRITICAL
Ivanti DSM netinst 5.1 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-7352
HIGH
GOG Galaxy < 1.2.64 and 2.0.x <= 2.0.12 - Local Privilege Escalation via GalaxyClientService
CVSS 8.4
CVE-2020-4459
CRITICAL
IBM Security Verify Access < 10.8 - Use of Hard-coded Credentials
CVSS 9.8
CVE-2020-3382
CRITICAL
Cisco Data Center Network Manager < 11.4(1) - Unauthenticated Authentication Bypass via Static Encryption Key
CVSS 9.8
CVE-2020-7515
HIGH
Easergy Builder < 1.4.7.2 - Use of Hard-coded Cryptographic Key
CVSS 7.8
Details
Vulnerabilities
1,721
Exploit Likelihood
High