Vulnerabilities > Insecure Default Initialization of Resource
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-24 | CVE-2020-4001 | Insecure Default Initialization of Resource vulnerability in VMWare Sd-Wan Orchestrator The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. | 9.8 |
2020-11-17 | CVE-2020-27555 | Insecure Default Initialization of Resource vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user. | 9.8 |
2020-11-16 | CVE-2020-26510 | Insecure Default Initialization of Resource vulnerability in Airleader Master Control Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution. | 9.8 |
2020-11-12 | CVE-2020-12336 | Insecure Default Initialization of Resource vulnerability in Intel products Insecure default variable initialization in firmware for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2020-11-12 | CVE-2020-12327 | Insecure Default Initialization of Resource vulnerability in Intel Thunderbolt DCH Driver 1.41.1054.0 Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
2020-11-12 | CVE-2020-8705 | Insecure Default Initialization of Resource vulnerability in Intel products Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 3.1.80 and 4.0.30, Intel(R) SPS versions before E5_04.01.04.400, E3_04.01.04.200, SoC-X_04.00.04.200 and SoC-A_04.00.04.300 may allow an unauthenticated user to potentially enable escalation of privileges via physical access. | 6.8 |
2020-11-10 | CVE-2020-13927 | Insecure Default Initialization of Resource vulnerability in Apache Airflow The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. | 9.8 |
2020-10-29 | CVE-2020-11489 | Insecure Default Initialization of Resource vulnerability in Intel BMC Firmware 1.06.06/2.47 NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure. | 7.5 |
2020-10-14 | CVE-2020-0416 | Insecure Default Initialization of Resource vulnerability in Google Android In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. | 8.8 |
2020-10-09 | CVE-2020-26930 | Insecure Default Initialization of Resource vulnerability in Netgear Ex7700 Firmware NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect configuration of security settings. | 3.8 |