Weaknesses of type CWE-798

826 results
CVE-2025-35940HIGHHard-coded ArchiverSpaApi JWT Signing KeyEPSS 0.3%CVE-2025-40938CRITICALA vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected device stores sensitive information in the firmEPSS 0.3%CVE-2022-42176HIGHIn PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access.EPSS 0.3%CVE-2025-47730MEDIUMThe TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive SiEPSS 0.3%CVE-2026-6578MEDIUMliangliangyy DjangoBlog Setting settings.py hard-coded credentialsEPSS 0.3%CVE-2023-49223HIGHPrecor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive information because the root password is storEPSS 0.3%CVE-2019-1919HIGHCisco FindIT Network Management Software Static Credentials VulnerabilityEPSS 0.3%CVE-2025-54872HIGHonion-site-template tor Secrets Baked Into ImageEPSS 0.3%CVE-2025-33186HIGHNVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, informaEPSS 0.3%CVE-2025-2765HIGHCarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass VulnerabilityEPSS 0.3%CVE-2023-3262MEDIUMThe Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internalEPSS 0.3%CVE-2026-22900MEDIUMQuNetSwitchEPSS 0.3%CVE-2024-49806CRITICALIBM Security Verify Access Appliance hard coded credentialsEPSS 0.3%CVE-2023-49222HIGHPrecor touchscreen console P82 contains a private SSH key that corresponds to a default public key. A remote attacker could exploit this to EPSS 0.3%CVE-2024-1661LOWTotolink X6000R shadow hard-coded credentialsEPSS 0.3%CVE-2018-8857Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.EPSS 0.3%CVE-2026-36538HIGHNetis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account iEPSS 0.3%CVE-2025-60639MEDIUMHardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c (2025-05-26).EPSS 0.3%CVE-2023-28897MEDIUMHard-coded password for UDS servicesEPSS 0.3%CVE-2020-27256In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump aEPSS 0.3%