Lucene search

65 matches found

Cvelist
added 2025/12/16 12:33 a.m., 24 views

CVE-2025-14758 Initialization of a Resource with an Insecure Default in YAOOK

Incorrect configuration of replication security in the MariaDB component of the infra-operator in YAOOK Operator allows an on-path attacker to read database contents, potentially including credentials...

CVSS 6.5, EPSS 0.00021
Exploits 0, References 1
Japan Vulnerability Notes
added 2025/12/08 8:48 a.m., 8 views

Multiple vulnerabilities in GroupSession

Overview: GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities listed below. Stored cross-site scripting (CWE-79) - CVE-2025-53523; Stored cross-site scripting (CWE-79) - CVE-2025-54407; Reflected cross-site scripting (CWE-79) - CVE-2025-57883; Cross-site request forgery...

CVSS 6.9, AI score 5.9, EPSS 0.00033
Exploits 0, References 17
Snyk
added 2025/10/29 3:31 p.m., 4 views

Insecure Default Initialization of Resource

Overview: io.jenkins.plugins:eggplant-runner is the Eggplant DAI Plugin for Jenkins, which launches DAI tests from within a Jenkins pipeline. You can use it to continuously test your application using Eggplant's model-based approach to testing. For more information about Eggplant, visit...

CVSS 8.2, AI score 5.9, EPSS 0.00025
Exploits 0, References 2
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2023-1556

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.5, EPSS 0.00525
Exploits 0, References 4
RedhatCVE
added 2025/04/11 10:45 a.m., 16 views

CVE-2025-2441

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could lead to loss of confidentiality when a malicious user, having physical access, sets the radio in factory default mode where the product does not correctly initialize all data...

CVSS 4.6, AI score 6.6, EPSS 0.00223
Exploits 0, References 1
Snyk
added 2025/04/09 1:53 p.m., 3 views

Insecure Default Initialization of Resource

Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the default newsletter opt-in settings. An attacker can abuse the system for mass unsolicited newsletter sign-ups without requiring...

CVSS 6.9, AI score 7, EPSS 0.00441
Exploits 0, References 2
Vulnrichment
added 2025/04/09 10:23 a.m., 7 views

CVE-2025-2441

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could lead to loss of confidentiality when a malicious user, having physical access, sets the radio in factory default mode where the product does not correctly initialize all data...

CVSS 4.6, AI score 6.5, EPSS 0.00223
Exploits 0, References 1
OSV
added 2025/04/08 11:15 a.m., 1 views

CVE-2025-29985

Dell Common Event Enabler, versions CEE 9.0.0.0, contains an Initialization of a Resource with an Insecure Default vulnerability in the Common Anti-Virus Agent (CAVA). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access...

CVSS 6.5, AI score 5.8, EPSS 0.00464
Exploits 0, References 1
Snyk
added 2024/11/07 6:42 p.m., 2 views

Insecure Default Initialization of Resource

Overview: Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to the default_filesystem_disk configuration. An attacker can access sensitive data by exploiting the default public storage setting. Remediation: Upgrade filament/actions to version 3.2.123 ...

CVSS 3.4, AI score 6.8, EPSS 0.00104
Exploits 0, References 2
OSV
added 2024/10/18 7:18 a.m., 13 views

BIT-SOLR-2024-45217 Apache Solr: ConfigSets created during a backup restore command are trusted implicitly

Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted...

CVSS 8.1, AI score 8, EPSS 0.00146
Exploits 0, References 3
OSV
added 2024/10/16 8:15 a.m., 1 views

CVE-2024-45217

Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted...

CVSS 8.1, AI score 8, EPSS 0.00146
Exploits 0, References 2
NVD
added 2024/10/16 8:15 a.m., 9 views

CVE-2024-45217

Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted...

CVSS 8.1, EPSS 0.00146
Exploits 0, References 2
Vulnrichment
added 2024/10/16 7:51 a.m., 19 views

CVE-2024-45217 Apache Solr: ConfigSets created during a backup restore command are trusted implicitly

Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the flag are trusted...

AI score 7.3, EPSS 0.00146
Exploits 0, References 1
CVE
added 2024/10/16 7:51 a.m., 66 views

CVE-2024-45217

CVE-2024-45217 describes an insecure default initialization of resources in Apache Solr. New ConfigSets created via Restore may be created without the trusted metadata, causing some ConfigSets to be implicitly trusted and potentially able to load custom code into classloaders. The issue affects S...

CVSS 8.1, AI score 8.1, EPSS 0.00146
Exploits 0, References 2, Affected Software 1
CNNVD
added 2024/10/16 12:0 a.m., 1 views

Apache Solr security vulnerability

Apache Solr is a search server from the Apache Foundation (United States), based on the Lucene full-text search engine. The product supports level search, vertical search, highlighting of search results and so on. A code issue vulnerability exists in Apache Solr, which stems from the presence of a...

CVSS 8.1, AI score 7.1, EPSS 0.00146
Exploits 0, References 3
Tenable Nessus
added 2024/09/10 12:0 a.m., 27 views

NewStart CGSL MAIN 6.02 : perl-HTTP-Tiny Multiple Vulnerabilities (NS-SA-2024-0058)

The remote NewStart CGSL host, running version MAIN 6.02, has perl-HTTP-Tiny packages installed that are affected by multiple vulnerabilities: - It was found that perl can load modules from the current directory if not found in the module directories, via the @INC path. A local, authenticated...

CVSS 8.1, AI score 7.3, EPSS 0.00767
Exploits 0, References 5
Japan Vulnerability Notes
added 2024/07/29 8:51 a.m., 2 views

Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series

Overview: FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. Initialization of a Resource with an Insecure Default (CWE-1188) - CVE-2024-31070; Active Debug Code (CWE-489) - CVE-2024-36475; OS Command Injection (CWE-78) -...

CVSS 10, AI score 7.9, EPSS 0.08404
Exploits 2, References 10
GithubExploit
added 2024/05/11 12:29 p.m., 185 views

Exploit for Insecure Default Initialization of Resource in Apache Superset

CVSS 9.8, AI score 8.8, EPSS 0.84026
Exploits 20
Snyk
added 2024/02/20 3:31 p.m., 2 views

Insecure Default Initialization of Resource

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the Liferay-Portal response header. An attacker can obtain sensitive version information by sending crafted HTTP...

CVSS 6.9, AI score 6.7, EPSS 0.00224
Exploits 0, References 2
Vulnrichment
added 2023/08/23 9:14 p.m., 14 views

CVE-2023-3453 ETIC Telecom Insecure Default Initialization of Resource

ETIC Telecom RAS versions 4.7.0 and prior have the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition...

CVSS 7.1, AI score 7.1, EPSS 0.00036
Exploits 0, References 1