CVE-2020-12336

Insecure default variable initialization in firmware for some IntelR NUCs may allow an authenticated user to potentially enable escalation of privilege via local access...

PT-2024-9462 · Microsoft · Windows Remote Desktop Services +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Description: The issue is related to a remote code execution problem in Windows Remote Desktop Services. It involves the initialization of an insecure variable by default...

SoftEther VPN CiRpcAccepted() authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1754 SoftEther VPN CiRpcAccepted authentication bypass vulnerability October 12, 2023 CVE Number CVE-2023-27516 SUMMARY An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially...

Ghost Foundation Ghost Post Creation insecure default installation vulnerability

Talos Vulnerability Report TALOS-2022-1686 Ghost Foundation Ghost Post Creation insecure default installation vulnerability January 19, 2023 CVE Number CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196 SUMMARY An insecure default vulnerability exists in the Post Creation functionality o...

CVE-2021-27426 GE UR family insecure default variable initialization

GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user...

CVE-2021-0144

CVE-2021-0144 (Intel BSSA DFT) is triggered by insecure default variable initialization in the BIOS Shared SW Architecture Design for Test feature, enabling local privilege escalation for authenticated/privileged users. Public adapters include Intel’s advisory INTEL-SA-00525 and related vendor bu...