Vulnerabilities > Insecure Default Initialization of Resource

DATE CVE VULNERABILITY TITLE RISK
2023-01-09 CVE-2022-2196 Insecure Default Initialization of Resource vulnerability in Linux Kernel
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks.
local
low complexity
linux CWE-1188
8.8
2022-12-13 CVE-2022-20466 Insecure Default Initialization of Resource vulnerability in Google Android
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value.
local
low complexity
google CWE-1188
5.5
2022-12-08 CVE-2022-46831 Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity 2022.10
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
network
low complexity
jetbrains CWE-1188
4.9
2022-12-08 CVE-2022-3262 Insecure Default Initialization of Resource vulnerability in Redhat Openshift 4.9
A flaw was found in Openshift.
network
low complexity
redhat CWE-1188
8.1
2022-11-11 CVE-2022-36349 Insecure Default Initialization of Resource vulnerability in Intel products
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel CWE-1188
5.5
2022-10-19 CVE-2022-42467 Insecure Default Initialization of Resource vulnerability in Apache Isis
When running in prototype mode, the h2 webconsole module (accessible from the Prototype menu) is automatically made available with the ability to directly query the database.
network
low complexity
apache CWE-1188
5.3
2022-09-19 CVE-2022-40468 Insecure Default Initialization of Resource vulnerability in Tinyproxy Project Tinyproxy
Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used.
network
low complexity
tinyproxy-project CWE-1188
7.5
2022-06-24 CVE-2022-31806 Insecure Default Initialization of Resource vulnerability in Codesys Plcwinnt and Runtime Toolkit
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.
network
codesys CWE-1188
6.8
2022-05-20 CVE-2022-24287 Insecure Default Initialization of Resource vulnerability in Siemens products
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8).
local
low complexity
siemens CWE-1188
4.6
2022-05-12 CVE-2021-33130 Insecure Default Initialization of Resource vulnerability in Intel Realsense ID F450 Firmware
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical access.
local
low complexity
intel CWE-1188
2.1