Zoom Client for Meetings < 6.3.10 Insecure Default Variable Initialization Vulnerability (ZSB-25014)

The version of Zoom Client for Meetings installed on the remote host is prior to 6.3.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25014 advisory. - Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to...

CVE-2025-27443

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...

CVE-2025-27443 Zoom Workplace Apps for Windows - Insecure Default Variable Initialization

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access...

GO-2024-2650 Golang SDK for Vela Insecure Variable Substitution in github.com/go-vela/sdk-go

Golang SDK for Vela Insecure Variable Substitution in github.com/go-vela/sdk-go...

Insecure Variable Substitution

github.com/go-vela/types is vulnerable to Insecure Variable Substitution. The vulnerability arises due to the unexpected behavior of variable substitution combined with insensitive fields like parameters, image, and entrypoint. This allows for bypassing log masking and exposing secrets without...

Insecure Variable Substitution

github.com/go-vela/cli is vulnerable to Insecure Variable Substitution. The vulnerability arises due to the unexpected behavior of variable substitution combined with insensitive fields like parameters, image, and entrypoint. This allows for bypassing log masking and exposing secrets without usin...

CLI for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block...

Golang SDK for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block...

GHSA-69P4-J5V5-X234 Server/API for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block...

Types for Vela Insecure Variable Substitution

Impact Vela pipelines can use variable substitution combined with insensitive fields like parameters, image and entrypoint to inject secrets into a plugin/image and — by using common substitution string manipulation — can bypass log masking and expose secrets without the use of the commands block...

CVE-2021-33130

CVE-2021-33130 targets Intel RealSense ID Solution F450 before 2.6.0.74. The issue arises from insecure default variable initialization, potentially allowing an unauthenticated user to disclose information via physical access. Impact is described as partial confidentiality loss (C:H) with no inte...

CVE-2021-0144

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

CVE-2019-11632

In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. These permissions are only used in custom...

ezDatabase20.txt

ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...

ezDatabase 2.0 and below

ezDatabase 2.0 and below ezDatabase 2.0 and below ========================================= www.ezdatabase.org "ezDatabase is the foundation for your online databases. It is a powerful web based application that allows even non-technical users to create online databases for their website...