Vulnerabilities > Insecure Default Initialization of Resource
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-24 | CVE-2023-27524 | Insecure Default Initialization of Resource vulnerability in Apache Superset Session Validation attacks in Apache Superset versions up to and including 2.0.1. | 9.8 |
2023-04-17 | CVE-2023-28978 | Insecure Default Initialization of Resource vulnerability in Juniper Junos OS Evolved An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. | 5.3 |
2023-03-24 | CVE-2022-38745 | Insecure Default Initialization of Resource vulnerability in Apache Openoffice Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. | 7.8 |
2023-03-23 | CVE-2022-4224 | Insecure Default Initialization of Resource vulnerability in Codesys products In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. | 8.8 |
2023-02-23 | CVE-2022-48342 | Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. | 9.8 |
2023-01-19 | CVE-2022-47194 | Insecure Default Initialization of Resource vulnerability in Ghost 5.9.4 An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. | 5.4 |
2023-01-19 | CVE-2022-47196 | Insecure Default Initialization of Resource vulnerability in Ghost 5.9.4 An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. | 5.4 |
2023-01-09 | CVE-2022-2196 | Insecure Default Initialization of Resource vulnerability in multiple products A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. | 8.8 |
2022-12-13 | CVE-2022-20466 | Insecure Default Initialization of Resource vulnerability in Google Android In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. | 5.5 |
2022-12-08 | CVE-2022-46831 | Insecure Default Initialization of Resource vulnerability in Jetbrains Teamcity 2022.10 In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators. | 4.9 |