CWE-547 · Use of Hard-coded, Security-relevant Constants
11 CVEs classified under CWE-547 (Use of Hard-coded, Security-relevant Constants). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-30206 | Critical | 9.8 | 2025-04-15 | Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its de… |
CVE-2023-1712 | Critical | 9.1 | 2023-03-30 | Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30. |
CVE-2019-14837 | Critical | 9.1 | 2020-01-07 | A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a clien… |
CVE-2024-39888 | High | 7.5 | 2024-07-09 | A vulnerability has been identified in Mendix Encryption (All versions >= V10.0.0 < V10.0.2). Affected versions of the module define a specific hard-coded defa… |
CVE-2024-32021 | Low | 3.9 | 2024-05-14 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that con… |
CVE-2025-23253 | Low | 2.5 | 2025-04-22 | NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying… |
CVE-2026-28256 | | 2026-03-12 | A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensiti… | |
CVE-2025-49151 | | 2025-06-25 | The affected products could allow an unauthenticated attacker to generate forged JSON Web Tokens (JWT) to bypass authentication. | |
CVE-2025-2081 | | 2025-03-13 | Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 are vulnerable to an attacker impersonating the web applic… | |
CVE-2025-2079 | | 2025-03-13 | Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attac… | |
CVE-2024-41885 | | 2024-12-24 | Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. The seed string for the encrypt key was hardcoding. Th… |