CWE-1188

Initialization of a Resource with an Insecure Default

Parent: CWE-1419 - Incorrect Initialization of Resource

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

288 vulnerabilities with CWE-1188
CVE-2019-15304 CRITICAL
Progradegrill Wifi Grilling Thermometer Firmware - Denial of Service
CVSS 9.1
CVE-2019-2131 HIGH
Android 7.0-9 - Local Privilege Escalation via Overlay Permission
CVSS 7.8
CVE-2019-2120 HIGH
Android 7.0-9 - Local Privilege Escalation via Insecure Default in OatFileAssistant
CVSS 7.8
CVE-2019-7252 CRITICAL
Linear eMerge E3-Series - Info Disclosure
CVSS 9.8
CVE-2019-5497 CRITICAL
NetApp AFF A700s BMC - Command Injection
CVSS 9.8
CVE-2019-7668 CRITICAL
Prima Systems FlexAir - Info Disclosure
CVSS 9.8
CVE-2019-5367 CRITICAL
HPE Intelligent Management Center < 7.3 - Remote Code Execution
CVSS 9.8
CVE-2019-2043 HIGH
Android - Privilege Escalation via Overlay Attack in SmsDefaultDialog
CVSS 7.3
CVE-2019-1804 CRITICAL
Cisco Nexus 9000 - Privilege Escalation
CVSS 9.8
CVE-2019-11618 CRITICAL
doorgets_cms 7.0 - Unauthenticated Default Administrator Credential Exposure
CVSS 9.8
CVE-2019-7476 HIGH
SonicWall Global Management System <9.1 - RCE
CVSS 8.1
CVE-2019-2041 HIGH
Android 8.1-9 - Local Privilege Escalation via Insecure NFC Device Default Configuration
CVSS 7.3
CVE-2019-5490 CRITICAL
NetApp Service Processor - Command Injection
CVSS 9.8
CVE-2019-3783 HIGH
Cloud Foundry Stratos <2.3.0 - Privilege Escalation
CVSS 8.8
CVE-2019-1994 HIGH
Android 8.0-9 - Insecure Default Development Settings Access
CVSS 8.8
CVE-2019-3909 CRITICAL
Premisys Identicard <3.1.190 - Info Disclosure
CVSS 9.8
CVE-2018-25193 HIGH
Mongoose Web Server 6.9 - Denial of Service via Multiple Socket Connections
CVSS 7.5
CVE-2018-25169 HIGH
AMPPS 2.7 - Denial of Service via Malformed Socket Connection
CVSS 7.5
CVE-2018-20052 HIGH
Cerner Connectivity Engine 4 - Privilege Escalation
CVSS 7.8
CVE-2018-19275 CRITICAL
Mitel InAttend <2.5 SP3 & CMG <8.4 SP3 - Privilege Escalation
CVSS 9.8
CVE-2018-17497 HIGH
eVisitorPass - Privilege Escalation
CVSS 8.4
CVE-2018-17485 HIGH
Lobby Track Desktop - Info Disclosure
CVSS 8.4
CVE-2018-20402 HIGH
Safe Software FME Server <2018.1 - Info Disclosure
CVSS 8.8
CVE-2018-17906 HIGH
Philips iSite & IntelliSpace PACS - Info Disclosure
CVSS 8.8
CVE-2018-10605 HIGH
Martem TELEM GW6/GWM <2.0.87-4018403-k4 - Privilege Escalation
CVSS 8.8