• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-798

CVE-2020-27256

February 26, 2023 by

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings.

CVE-2020-27278

February 26, 2023 by

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface.

CVE-2020-27181

February 26, 2023 by

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.

CVE-2020-26879

February 26, 2023 by

Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.

CVE-2020-26892

February 26, 2023 by

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.

CVE-2020-26509

February 26, 2023 by

Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 35
  • Go to page 36
  • Go to page 37
  • Go to page 38
  • Go to page 39
  • Interim pages omitted …
  • Go to page 130
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE