anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT...Read More ...
Continue Reading
May 23, 2025
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers'...Read More ...
Continue Reading
May 23, 2025
go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT...Read More ...
Continue Reading
May 23, 2025
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version...Read More ...
Continue Reading
May 23, 2025
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent ...
Continue Reading
May 23, 2025
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers'...Read More ...
Continue Reading
May 23, 2025
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT...Read More ...
Continue Reading
May 23, 2025
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been reported that can be exploited to craft arbitrary JWT tokens and subsequently bypass authenticat ...
Continue Reading
May 23, 2025
Back to Main
