19 matches found
EUVD-2026-38089
Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network...
CVE-2026-30805
Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...
Insecure Default Initialization of Resource
Overview: Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to DNS rebinding protection being disabled by default in HTTP-based servers using StreamableHTTPHandler or SSEHandler. An attacker can access internal resources or invoke tools exposed by...
Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint
Zipkin through 3.5.1 has a /heapdump endpoint associated with the use of Spring Boot Actuator, a similar issue to CVE-2025-48927...
GHSA-794X-8X6X-QPFC Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint
Zipkin through 3.5.1 has a /heapdump endpoint associated with the use of Spring Boot Actuator, a similar issue to CVE-2025-48927...
The vulnerability of the mbedtls_ssl_set_hostname function in Mbed TLS software allows a hacker to gain unauthorized access to protected information.
The vulnerability of the mbedtls_ssl_set_hostname function in Mbed TLS software is related to insecure resource initialization. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system, related to insecure resource initialization, allows a perpetrator to influence the integrity of protected information.
The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system is related to an insecure initialization of resources. Exploiting this vulnerability could allow an attacker to influence the integrity of protected information...
Schneider Electric Trio Q Licensed Data Radio security vulnerability
The Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. The Schneider Electric Trio Q Licensed Data Radio suffers from an information disclosure vulnerability that stems from an insecure initialization of resources, which can be exploited by an attacker to...
Schneider Electric Trio Q Licensed Data Radio security vulnerability
Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. A security vulnerability exists in Schneider Electric Trio Q Licensed Data Radio versions prior to v2.7.2, which stems from an insecure resource initialization that could lead to unauthorized access...
CVE-2025-2129
Mage AI 0.9.75 is associated with an insecure default initialization of a resource (insecure default authentication setup) that could enable a remote attack. Documents describe a network-vector, high attack complexity, and partial confidentiality/integrity/availability impact. The exploitability ...
Mage AI security vulnerability
Mage AI is a Mage open source intelligent program for building, running and managing data pipelines. A security vulnerability exists in Mage AI version 0.9.75 that stems from insecure resource initialization...
The vulnerability of the component set in the full stack for rapid development of the Filament PHP framework Laravel, related to insecure resource initialization, allows attackers to exploit it to disclose sensitive information.
The vulnerability of the component set of the full stack for the accelerated development of the Filament PHP framework Laravel is related to an insecure initialization of a resource, allowing a malicious actor to exploit this to disclose sensitive information...
The vulnerability of the firmware in modular controller devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, CHARX SEC-3000, arises from insecure resource initialization. This allows a hacker to bypass the password protection of arbitrary users.
The vulnerability of the firmware in modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact’s CHARX SEC-3000 is related to an unsafe initialization of resources. Exploiting this vulnerability could allow a malicious actor to reset t...
The vulnerability of the Telnet service of the firmware for routers such as FutureNet NXR, FutureNet VXR, and FutureNet WXR allows attackers to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the Telnet service provided by the firmware for FutureNet NXR, FutureNet VXR, and FutureNet WXR is related to insecure resource initialization. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality,...
The vulnerabilities of D-Link DIR-550A and DIR-604M router firmware allow attackers to escalate their privileges.
The vulnerability of D-Link DIR-550A and DIR-604M router firmware is related to insecure resource initialization. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...
Juniper Networks Junos OS Evolved security vulnerability
Juniper Networks Junos OS Evolved is an updated version of Juniper Networks' Junos OS. A security vulnerability in Juniper Networks Junos OS Evolved, which arises from an insecure default resource initialization, can be exploited by an attacker to gain access to certain confidential information a...
The vulnerability of the Kiosk mode implementation in Siemens SIMATIC software allows an intruder to escalate their privileges.
The vulnerability of the Kiosk mode implementation in Siemens SIMATIC software products is related to insecure resource initialization. Exploiting this vulnerability can allow attackers to enhance their privileges by opening the printer’s dialog box in the vulnerable application, even if the...
The vulnerability of the CouchDB database management system, related to insecure resource initialization, allows attackers to escalate their privileges.
The vulnerability of the CouchDB database management system is related to the insecure initialization of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...
The vulnerability of NETGEAR EX7700 wireless network repeater software, related to insecure resource initialization, allows an intruder to gain unauthorized access to protected information.
The vulnerability of NETGEAR EX7700 Wi-Fi network repeater software’s microprogramming system is related to an insecure resource initialization process. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected information...