CVE-2023-28978 Junos OS Evolved: Read access to some confidential user information is possible

An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...

CVE-2022-36349

CVE-2022-36349 refers to insecure default variable initialization in BIOS firmware for Intel NUC Boards/Kits prior to MYi30060. The issue can allow an authenticated local user to cause denial of service. Intel’s advisory lists affected SKUs and firmware updates, recommending upgrading to MYi30060...

PT-2022-23323 · Intel · Intel Nuc Boards +1

Name of the Vulnerable Software and Affected Versions: IntelR NUC Boards and IntelR NUC Kits versions prior to MYi30060 Description: The issue is related to insecure default variable initialization in BIOS firmware, which may allow an authenticated user to potentially enable denial of service via...

PT-2022-21336 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.0.0 through 9.1.0.19 Dell PowerScale OneFS version 9.2.1.12 Dell PowerScale OneFS version 9.3.0.6 Dell PowerScale OneFS version 9.4.0.2 Description: The issue is related to an insecure default initialization o...

PT-2022-2742 · Siemens · Simatic Pcs 7 +2

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions V8.2 through V9.1 SIMATIC PCS 7 version V9.0 through V9.0 SP3 UC06 SIMATIC PCS 7 version V9.1 through V9.1 SP1 UC01 SIMATIC WinCC Runtime Professional versions V16 and earlier SIMATIC WinCC Runtime Professional version...

CVE-2021-27426 GE UR family insecure default variable initialization

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

VulnCheck KEV: CVE-2022-24706

Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...

Default configuration

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

CVE-2020-12327

Insecure default variable initialization in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow a privileged user to potentially enable information disclosure via local access...

CVE-2020-12327

Insecure default variable initialization in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow a privileged user to potentially enable information disclosure via local access...

CVE-2020-8705

Insecure default initialization of resource in IntelR Boot Guard in IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 3.1.80 and 4.0.30, IntelR SPS versions before E504.01.04.400, E304.01.04.200, SoC-X04.00.04.200...

Default configuration

Insecure default initialization of resource in IntelR Boot Guard in IntelR CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, IntelR TXE versions before 3.1.80 and 4.0.30, IntelR SPS versions before E504.01.04.400, E304.01.04.200, SoC-X04.00.04.200...

CVE-2019-14565

Insufficient initialization in IntelR SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access...

Gentoo Security Advisory GLSA 200603-15 (crypt-cbc)

The remote host is missing updates announced in advisory GLSA 200603-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200505-15 : gdb: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200505-15 gdb: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely...