Insecure Default Initialization of Resource

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource in the Context.spawn function. An attacker can access prototype-chain properties of objects...

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource in the GenFileChangeEvents handler. An attacker can obtain continuous access to sensitive file and directory information by connecting to the SSE endpoint without authentication. Remediation...

EUVD-2026-29494

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

Insecure Default Initialization of Resource

Overview @openclaw/feishu is an OpenClaw Feishu/Lark channel plugin community maintained by @m1heng Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via improper validation of the encryptKey configuration and blank callback tokens. An attacker can ga...

CVE-2026-2617

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVE-2026-2617

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

CVE-2026-2617

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made publ...

Beetel 777VR1 安全漏洞

Beetel 777VR1 is a router produced by the Beetel company. Versions of Beetel 777VR1 starting from 01.00.09 and earlier have a security vulnerability. This vulnerability stems from the insecure default initialization of resources in the Telnet Service/SSH Service components...

Security Bulletin: IBM Operational Decision Manager - Multiple CVEs addressed related to Solr Core

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed Vulnerability Details CVEID:CVE-2024-45217...

CVE-2023-31101

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or...

CVE-2020-12327

Insecure default variable initialization in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow a privileged user to potentially enable information disclosure via local access...

EUVD-2020-4639

Malware in sbrugna...

EUVD-2025-10251

Malicious code in bioql PyPI...

EUVD-2025-7513

Malicious code in bioql PyPI...

GE UR family Insecure Default Variable Initialization (CVE-2021-27426)

GE UR IED firmware versions prior to version 8.1x with Basic security variant does not allow the disabling of the Factory Mode, which is used for servicing the IED by a Factory user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to the misconfiguration of the ReadOnlyPort setting. An attacker can gain unauthorized access to exposed credentials by connecting to the open port without authentication. Remediation...

CVE-2025-27443

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...

Insecure Default Initialization of Resource

Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the default newsletter opt-in settings. An attacker can abuse the system for mass unsolicited newslett...

CVE-2025-27443

CVE-2025-27443 concerns Zoom Workplace Apps for Windows, caused by insecure default variable initialization in the affected software. The vulnerability could allow an authenticated user to cause a loss of integrity via local access. Multiple connected sources consistently describe the issue in Zo...

CVE-2025-27443 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...