Flaws of type CWE-1188

171 results
CVE-2025-2442 | MEDIUM | CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could potentially lead to unauthorized access whic | EPSS 0.2%
CVE-2026-46430 | MEDIUM | Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS | EPSS 0.2%
CVE-2025-14758 | MEDIUM | Initialization of a Resource with an Insecure Default in YAOOK | EPSS 0.2%
CVE-2026-54359 | HIGH | MISP automation endpoints may be exposed to CSRF when Sec-Fetch-Site protection is disabled by default | EPSS 0.2%
CVE-2025-64781 | MEDIUM | In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1, "External p | EPSS 0.2%
CVE-2026-9039 | HIGH | Initialization of a resource with an insecure default in XCharge C6 | EPSS 0.2%
CVE-2025-27809 | MEDIUM | Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unl | EPSS 0.2%
CVE-2025-2441 | MEDIUM | CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could lead to loss of confidentiality when a malic | EPSS 0.2%
CVE-2025-31974 | LOW | HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only | EPSS 0.2%
CVE-2024-22388 | MEDIUM | Insecure Default Initialization of Resource in HID Global | EPSS 0.2%
CVE-2024-30124 | MEDIUM | HCL Sametime is impacted by insecure services | EPSS 0.2%
CVE-2024-48122 | MEDIUM | Insecure default configurations in HI-SCAN 6040i Hitrax HX-03-19-I allow authenticated attackers with low-level privileges to escalate to ro | EPSS 0.2%
CVE-2026-24197 | MEDIUM | NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default ini | EPSS 0.2%
CVE-2023-3485 | LOW | Insecure Default Authorization in Temporal Server | EPSS 0.2%
CVE-2022-48432 | MEDIUM | In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. | EPSS 0.2%
CVE-2025-52622 | MEDIUM | HCL BigFix SaaS Remediate is affected by a security vulnerability | EPSS 0.1%
CVE-2026-46517 | HIGH | LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out | EPSS 0.1%
CVE-2025-5591 | HIGH | Stored Cross-site Scripting (XSS) in Kentico Xperience 13 | EPSS 0.1%
CVE-2026-36612 | MEDIUM | Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 10 a | EPSS 0.1%
CVE-2026-36616 | MEDIUM | Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS te | EPSS 0.1%