Vulnerabilities (CVE)

Filtered by CWE-255
Total 724 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-6531 1 Opendental 1 Opendental 2024-07-03 7.5 HIGH 9.8 CRITICAL
Open Dental 16.1 and earlier has a hardcoded MySQL root password, which allows remote attackers to obtain administrative access by leveraging access to intranet TCP port 3306. NOTE: the vendor disputes this issue, stating that the "vulnerability note ... is factually false ... there is indeed a default blank password, but it can be changed ... We recommend that users change it, each customer receives direction.
CVE-2013-4732 2 Digital Alert Systems, Monroe Electronics 2 Dasdec Eas, R189 One-net Eas 2024-05-17 10.0 HIGH N/A
The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU#662676 states "Monroe Electronics could not reproduce this finding.
CVE-2013-3734 1 Redhat 1 Jboss Application Server 2024-05-17 6.0 MEDIUM 6.6 MEDIUM
The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow (1) man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or (2) attackers to obtain sensitive information by reading the HTML source code. NOTE: the vendor says that this does not cross a trust boundary and that it is recommended best-practice that SSL is configured for the administrative console
CVE-2008-7320 1 Gnome 1 Seahorse 2024-05-17 2.1 LOW 6.8 MEDIUM
GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision
CVE-2004-2722 1 Nessus 1 Nessus 2024-05-17 2.1 LOW N/A
Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue
CVE-2009-4781 1 Tukeva 1 Password Reminder 2024-02-14 7.2 HIGH N/A
TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for rem.accdb, which allows local users to discover credentials via a DBI connection.
CVE-2007-4598 1 Ibm 1 Surepos 500 2024-02-14 4.6 MEDIUM N/A
IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default passwords for operator accounts.
CVE-2008-5848 1 Advantech 14 Adam-6015, Adam-6017, Adam-6018 and 11 more 2024-02-14 10.0 HIGH N/A
The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and (1) monitor or (2) control the module's Modbus/TCP I/O activity.
CVE-2009-2435 1 Ibm 1 Lotus Instant Messaging And Web Conferencing 2024-02-14 5.0 MEDIUM N/A
The Sametime server in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
CVE-2006-3203 1 Ultimate Php Board 1 Ultimate Php Board 2024-02-14 10.0 HIGH N/A
The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.
CVE-2009-5066 1 Redhat 2 Jboss Community Application Server, Jboss Enterprise Application Platform 2024-02-14 2.1 LOW N/A
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
CVE-2019-13560 1 Dlink 2 Dir-655, Dir-655 Firmware 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter.
CVE-2016-10791 1 Cpanel 1 Cpanel 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559).
CVE-2017-8417 1 Dlink 4 Dcs-1100, Dcs-1100 Firmware, Dcs-1130 and 1 more 2023-12-10 3.3 LOW 8.8 HIGH
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on the mobile devices and desktop to communicate with the device without any authentication. As a part of that communication, the device uses custom version of base64 encoding to pass data back and forth between the apps and the device. However, the same form of communication can be initiated by any process including an attacker process on the mobile phone or the desktop and this allows a third party to retrieve the device's password without any authentication by sending just 1 UDP packet with custom base64 encoding. The severity of this attack is enlarged by the fact that there more than 100,000 D-Link devices out there.
CVE-2017-6900 1 Riello-ups 2 Netman 204, Netman 204 Firmware 2023-12-10 10.0 HIGH 9.8 CRITICAL
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to this, VAL0 and VAL1 should be sanitised to ensure they do not contain malicious characters. Passing it the username of '-' will cause it to time out and log the user in because of poor error handling. This will log the attacker in as an administrator where the telnet / ssh services can be enabled, and the credentials for local users can be reset. Also, login.cgi accepts the username as a GET parameter, so login can be achieved by browsing to the /cgi-bin/login.cgi?username=-%20a URI.
CVE-2019-7690 1 Mobatek 1 Mobaxterm 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. This affects Passwordless Authentication that has a Password Protected SSH Private Key.
CVE-2017-9385 1 Getvera 4 Veraedge, Veraedge Firmware, Veralite and 1 more 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses root as the username and the password in the /etc/cmh/cmh.conf file which can be extracted by an attacker using a directory traversal attack, and then log in to the device with the highest privileges.
CVE-2017-13717 1 Starry 2 S00111, S00111 Firmware 2023-12-10 4.3 MEDIUM 8.8 HIGH
Starry Station (aka Starry Router) sets the Access-Control-Allow-Origin header to "*". This allows any hosted file on any domain to make calls to the device's webserver and brute force the credentials and pull any information that is stored on the device. In this case, a user's Wi-Fi credentials are stored in clear text on the device and can be pulled easily.
CVE-2017-9326 1 Cloudera 1 Cloudera Manager 2023-12-10 3.5 LOW 7.5 HIGH
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed.
CVE-2019-4381 1 Ibm 1 I 2023-12-10 2.1 LOW 5.5 MEDIUM
IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain HMC credentials. IBM X-Force ID: 162159.