50 matches found
PT-2025-15464 · Zoom · Zoom Workplace Apps
Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps for Windows (affected versions not specified). Description: The issue is related to insecure default variable initialization, which may allow an authenticated user to conduct a loss of integrity via local access...
Zoom Workplace Security Vulnerability
Zoom Workplace Apps for Windows is an official suite of collaboration tools from Zoom that includes core features such as team chat, whiteboards, notes, and more, and is required to be used through a Zoom Meetings account. A security vulnerability exists in Zoom Workplace Apps for Windows, which...
PT-2025-15688 · Schneider Electric · Trio Q Data Radio +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A vulnerability exists due to the initialization of a resource with an insecure default, potentially leading to unauthorized access. This could result in the loss of confidentiality,...
Apache Solr Code Issue Vulnerability
Apache Solr is a search server from the Apache Foundation (United States), based on the Lucene full-text search engine. The product supports level search, vertical search, highlighting of search results and so on. A code issue vulnerability exists in Apache Solr, which stems from the presence of a...
GHSA-H7W9-C5VX-X7J3 Insecure Default Initialization of Resource vulnerability in Apache Solr
New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to "trusted"...
PT-2024-31485 · Apache · Apache Solr
Name of the Vulnerable Software and Affected Versions: Apache Solr versions 6.6.0 through 8.11.3; Apache Solr versions 9.0.0 through 9.6.x. Description: The issue arises from the insecure default initialization of resources in Apache Solr, where new ConfigSets created via a Restore command lack the...
GO-2023-1879 Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource in go.temporal.io/server
PT-2024-5244
Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series (affected versions not specified). Description: The issue is related to the insecure initialization of a resource in the Telnet service of the affected devices, allowing a remote attacker to impact...
CVE-2024-25972
CVE-2024-25972 affects Atsumi Electric Co., Ltd.’s OET-213H-BTS1. The issue is an insecure initial configuration (CWE-1188) where the product does not perform authorization checks for API requests, enabling a network-adjacent, unauthenticated attacker to configure and control the device. Document...
Apache Superset Insecure Default Initialization of Resource Vulnerability
Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to authenticate and access unauthorized resources on installations that have not altered the default configured SECRET_KEY according to installation instructions...
Insecure AES Initialization Vector
PyPinkSign is vulnerable to an Insecure Initialization Vector issue. The vulnerability is due to the use of a static Initialization Vector for AES encryption. This could lead to Information Disclosure...
Input validation
Improper initialization in some Intel® Aptio V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-40349
Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs...
GHSA-GM2G-2XR9-PXXJ Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource
Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allow an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...
Information Disclosure
Apache InLong is vulnerable to Information Disclosure. The vulnerability exists in multiple functions due to Insecure Default Initialization of Resources, which allows a remote attacker to access deleted user's data after registering...
CVE-2023-28978 Junos OS Evolved: Read access to some confidential user information is possible
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...
CVE-2022-36349
CVE-2022-36349 refers to insecure default variable initialization in BIOS firmware for Intel NUC Boards/Kits prior to MYi30060. The issue can allow an authenticated local user to cause denial of service. Intel’s advisory lists affected SKUs and firmware updates, recommending upgrading to MYi30060...
PT-2022-23323 · Intel · Intel Nuc Boards +1
Name of the Vulnerable Software and Affected Versions: Intel® NUC Boards and Intel® NUC Kits versions prior to MYi30060. Description: The issue is related to insecure default variable initialization in BIOS firmware, which may allow an authenticated user to potentially enable denial of service via...
PT-2022-21336 · Dell · Dell Powerscale Onefs
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.0.0 through 9.1.0.19; Dell PowerScale OneFS version 9.2.1.12; Dell PowerScale OneFS version 9.3.0.6; Dell PowerScale OneFS version 9.4.0.2. Description: The issue is related to an insecure default initialization o...
PT-2022-2742 · Siemens · Simatic Pcs 7 +2
Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions V8.2 through V9.1; SIMATIC PCS 7 version V9.0 through V9.0 SP3 UC06; SIMATIC PCS 7 version V9.1 through V9.1 SP1 UC01; SIMATIC WinCC Runtime Professional versions V16 and earlier; SIMATIC WinCC Runtime Professional version...