65 matches found
CVE-2023-3453 ETIC Telecom Insecure Default Initialization of Resource
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition...
CVE-2023-31486
A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...
Insecure Default Initialization
com.liferay.portal, com.liferay.portal.impl is vulnerable to Insecure Default Initialization. The vulnerability exists because the default configuration does not require users to verify their email addresses. It allows remote attackers to create accounts using fake email addresses or addresses th...
GHSA-H79M-5CM2-278C User data exposure in Apache InLong
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or...
CVE-2023-31101
CVE-2023-31101 affects Apache InLong 1.5.0–1.6.0 and allows users registered later to see data from deleted users due to insecure default initialization of resources. The vulnerability is categorized as an information disclosure issue; the publicly available fix is to upgrade to InLong 1.7.0 or c...
PT-2023-23156 · Apache · Apache Inlong
Name of the Vulnerable Software and Affected Versions: Apache InLong versions 1.5.0 through 1.6.0 Description: This issue allows users registered in InLong who joined later to see deleted users' data. The problem is related to insecure default initialization of resources. Recommendations: For...
Juniper Junos OS Vulnerability (JSA70603)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70603 advisory. - An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain...
CVE-2023-28978
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...
CVE-2023-28978
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...
Default configuration
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...
PT-2023-22060 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 20.4R3-S7-EVO Juniper Networks Junos OS Evolved version 21.1-EVO versions prior to 21.1R3-S4-EVO Juniper Networks Junos OS Evolved version 21.2-EVO versions prior to 21.2R3-S5-EVO Juniper...
CVE-2023-28978 Junos OS Evolved: Read access to some confidential user information is possible
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured...
CVE-2023-28978
The CVE-2023-28978 vulnerability affects Juniper Networks Junos OS Evolved and is caused by insecure default initialization of a resource. An unauthenticated, network-based attacker can read confidential information about locally configured administrative users. Affected releases include Junos OS...
GHSA-FMQ7-GH8V-MJVC WildFly vulnerable to Insecure Default Initialization of Resource
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain...
Apache CouchDB Insecure Default Initialization of Resource Vulnerability
Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...
CVE-2022-32480
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure...
CVE-2022-32480
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure...
Dell PowerScale OneFS 安全漏洞
Dell PowerScale OneFS is an operating system from Dell USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. A security vulnerability exists in Dell PowerScale OneFS versions 9.0.0 through 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, which stems from an insecure default...
CVE-2022-32480
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated attacker may potentially exploit this vulnerability, leading to information disclosure...
CVE-2021-33130
Insecure default variable initialization of IntelR RealSenseTM ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access...