Vulnerabilities > Insecure Default Initialization of Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-11 | CVE-2018-3591 | Insecure Default Initialization of Resource vulnerability in Qualcomm products In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the default build configuration of deviceprogrammer in BOOT.BF.3.0 enables the flag SKIP_SECBOOT_CHECK_NOT_RECOMMENDED_BY_QUALCOMM which will open up the peek and poke commands to any memory location on the target. | 9.8 |
| 2018-03-20 | CVE-2018-5770 | Insecure Default Initialization of Resource vulnerability in Tendacn Ac15 Firmware An issue was discovered on Tenda AC15 devices. | 9.8 |
| 2018-02-22 | CVE-2018-0130 | Insecure Default Initialization of Resource vulnerability in Cisco Virtual Managed Services 3.0 A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative access to an affected system. | 9.8 |
| 2017-11-27 | CVE-2017-8039 | Insecure Default Initialization of Resource vulnerability in Pivotal Spring web Flow An issue was discovered in Pivotal Spring Web Flow through 2.4.5. | 5.9 |
| 2017-11-15 | CVE-2017-12739 | Insecure Default Initialization of Resource vulnerability in Siemens Sm-2556 Firmware An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. | 9.8 |
| 2017-10-03 | CVE-2017-8021 | Insecure Default Initialization of Resource vulnerability in Dell Elastic Cloud Storage 3.0 EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system. | 9.8 |
| 2017-07-25 | CVE-2017-6750 | Insecure Default Initialization of Resource vulnerability in Cisco products A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. | 7.5 |
| 2017-06-13 | CVE-2017-6692 | Insecure Default Initialization of Resource vulnerability in Cisco Ultra Services Framework Element Manager 21.0.V0.65839 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user, aka an Insecure Default Account Information Vulnerability. | 8.8 |
| 2017-06-13 | CVE-2017-6689 | Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability. | 8.8 |
| 2017-06-13 | CVE-2017-6688 | Insecure Default Initialization of Resource vulnerability in Cisco Elastic Services Controller 2.2(9.76) A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. | 8.8 |