Fallos del tipo CWE-1188

171 resultados
CVE-2026-33037HIGHWWBN AVideo has predictable default admin credentials in official Docker deployment pathEPSS 0.7%CVE-2025-1863CRITICALInsecure default settings for recorder productsEPSS 0.6%CVE-2024-8383HIGHFirefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does noEPSS 0.6%CVE-2026-2617MEDIUMBeetel 777VR1 Telnet Service/SSH Service insecure default initialization of resourceEPSS 0.6%CVE-2020-11915MEDIUMAn issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to tEPSS 0.6%CVE-2025-41245MEDIUMVMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)EPSS 0.6%CVE-2025-47945CRITICALDonetick Has Weak Default JWT SecretEPSS 0.6%CVE-2021-35535HIGHInsufficient Security Control VulnerabilityEPSS 0.6%CVE-2020-11917MEDIUMAn issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers EPSS 0.6%CVE-2026-39920CRITICALBridgeHead FileStore < 24A Apache Axis2 Default Credentials RCEEPSS 0.5%CVE-2024-0387MEDIUMEDS-4000/G4000 Series IP Forwarding VulnerabilityEPSS 0.5%CVE-2024-51758LOWExported files stored in default (`public`) filesystem if not reconfigured in filamentEPSS 0.5%CVE-2023-5368msdosfs data disclosureEPSS 0.5%CVE-2026-44825HIGHApache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure usersEPSS 0.5%CVE-2024-26267MEDIUMIn Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4 before update 26, 7.3 before update 5, 7.2 befEPSS 0.5%CVE-2026-50519MEDIUMMicrosoft Visual Studio Code CoPilot Chat Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2025-59097CRITICALUnauthenticated SOAP API in dormakaba access managerEPSS 0.5%CVE-2024-25610CRITICALIn Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 befoEPSS 0.5%CVE-2024-41995HIGHInitialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability iEPSS 0.5%CVE-2026-44588CRITICALSiYuan: URL-encoded title bypasses `escapeAriaLabel`, decoded by `decodeURIComponent` into a tooltip-XSSEPSS 0.5%