Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to DNS rebinding protection being disabled by default in HTTP-based servers using StreamableHTTPHandler or SSEHandler. An attacker can access internal resources or invoke tools exposed by...

GHSA-794X-8X6X-QPFC Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint

Zipkin through 3.5.1 has a /heapdump endpoint associated with the use of Spring Boot Actuator, a similar issue to CVE-2025-48927...

Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint

Zipkin through 3.5.1 has a /heapdump endpoint associated with the use of Spring Boot Actuator, a similar issue to CVE-2025-48927...

Schneider Electric Trio Q Licensed Data Radio 安全漏洞

Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. A security vulnerability exists in Schneider Electric Trio Q Licensed Data Radio versions prior to v2.7.2, which stems from an insecure resource initialization that could lead to unauthorized access...

Schneider Electric Trio Q Licensed Data Radio 安全漏洞

The Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. The Schneider Electric Trio Q Licensed Data Radio suffers from an information disclosure vulnerability that stems from an insecure initialization of resources, which can be exploited by an attacker to...

CVE-2025-2129

Mage AI 0.9.75 is associated with an insecure default initialization of a resource (insecure default authentication setup) that could enable a remote attack. Documents describe a network-vector, high attack complexity, and partial confidentiality/integrity/availability impact. The exploitability ...

Mage AI 安全漏洞

Mage AI is a Mage open source intelligent program for building, running and managing data pipelines. A security vulnerability exists in Mage AI version 0.9.75 that stems from insecure resource initialization...

Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS Evolved is an updated version of Juniper Networks' Junos OS. A security vulnerability in Juniper Networks Junos OS Evolved, which arises from an insecure default resource initialization, can be exploited by an attacker to gain access to certain confidential information a...