Vulnerabilities > Insecure Default Initialization of Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-15 | CVE-2024-22207 | Insecure Default Initialization of Resource vulnerability in Smartbear Swagger UI 2.0.0/2.0.1 fastify-swagger-ui is a Fastify plugin for serving Swagger UI. | 5.3 |
| 2023-10-12 | CVE-2023-27516 | Insecure Default Initialization of Resource vulnerability in Softether VPN 4.419782/5.01.9674 An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. | 7.8 |
| 2023-10-10 | CVE-2023-45312 | Insecure Default Initialization of Resource vulnerability in Mtproto MT Proto Proxy In the mtproto_proxy (aka MTProto proxy) component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability. | 8.8 |
| 2023-10-04 | CVE-2023-5368 | Insecure Default Initialization of Resource vulnerability in Freebsd On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. | 6.5 |
| 2023-08-23 | CVE-2023-3453 | Insecure Default Initialization of Resource vulnerability in Etictelecom Remote Access Server Firmware 4.5.0/4.7.0 ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. | 8.1 |
| 2023-08-14 | CVE-2023-35689 | Insecure Default Initialization of Resource vulnerability in Google Android 11.0/13.0 In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. | 7.8 |
| 2023-06-30 | CVE-2023-3485 | Insecure Default Initialization of Resource vulnerability in Temporal Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. | 3.6 |
| 2023-05-24 | CVE-2023-33949 | Insecure Default Initialization of Resource vulnerability in Liferay Digital Experience Platform and Liferay Portal In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. | 7.5 |
| 2023-05-22 | CVE-2023-31101 | Insecure Default Initialization of Resource vulnerability in Apache Inlong 1.5.0/1.6.0 Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. | 6.5 |
| 2023-05-19 | CVE-2023-1618 | Insecure Default Initialization of Resource vulnerability in Mitsubishielectric Melsec Ws0-Geth00200 Firmware Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 Serial number 2310 **** and prior allows a remote unauthenticated attacker to bypass authentication and illegally log into the affected module by connecting to it via telnet which is hidden function and is enabled by default when shipped from the factory. | 8.6 |