CWE-1188
Initialization of a Resource with an Insecure Default
The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.
261 vulnerabilities with CWE-1188
CVE-2025-62877
CRITICAL
SUSE Virtualization (Harvester) <1.5.x,1.6.x - Info Disclosure
CVSS 9.8
CVE-2025-5591
MEDIUM
Kentico Xperience 13 - XSS
CVSS 5.4
CVE-2025-56332
CRITICAL
Pangolin < 1.7.0 - Authentication Bypass
CVSS 9.1
CVE-2025-14758
MEDIUM
YAOOK Operator - Info Disclosure
CVSS 6.5
CVE-2025-66482
MEDIUM
Misskey <2025.12.0-alpha.2 - SSRF
CVSS 6.5
CVE-2025-64781
MEDIUM
GroupSession <5.7.1 - Open Redirect
CVSS 4.7
CVE-2025-48629
HIGH
VoiceInteractionManagerService - Privilege Escalation
CVSS 7.8
CVE-2025-48621
HIGH
Java - Privilege Escalation
CVSS 7.3
CVE-2025-66416
HIGH
MCP Python SDK <1.23.0 - SSRF
CVSS 8.1
CVE-2025-66414
HIGH
MCP TypeScript SDK <1.24.0 - SSRF
CVSS 8.1
CVE-2025-52622
MEDIUM
BigFix SaaS - XSS
CVSS 5.4
CVE-2025-13357
HIGH
Hashicorp Terraform Provider < 5.5.0 - Authentication Bypass
CVSS 7.4
CVE-2025-35021
MEDIUM
Abilis CPX - Privilege Escalation
CVSS 6.5
CVE-2025-64135
MEDIUM
Jenkins Eggplant Runner Plugin <0.0.1.301.v963cffe8ddb_8 - Info Dis...
CVSS 5.9
CVE-2025-62802
MEDIUM
DNN <10.1.1 - Info Disclosure
CVSS 4.3
CVE-2025-61481
CRITICAL
MikroTik RouterOS <7.14.2 & SwOS <2.18 - XSS
CVSS 10.0
CVE-2025-41245
MEDIUM
VMware Aria Operations - Info Disclosure
CVSS 4.9
CVE-2025-57295
HIGH
H3C Magic Nx15 Firmware - Privilege Escalation
CVSS 8.0
CVE-2025-43797
MEDIUM
Liferay Portal/DXP - Info Disclosure
CVSS 5.4
CVE-2025-41713
MEDIUM
Switch - SSRF
CVSS 6.5
CVE-2025-36222
HIGH
IBM Fusion <2.10.1 - Info Disclosure
CVSS 8.7
CVE-2025-59044
MEDIUM
Himmelblau 0.9.x - Info Disclosure
CVSS 4.4
CVE-2025-32330
MEDIUM
Google Android - Information Disclosure
CVSS 5.7
CVE-2025-38523
MEDIUM
Linux kernel - Info Disclosure
CVSS 5.5
CVE-2025-7353
CRITICAL
Rockwell Automation ControlLogix - Memory Corruption
Details
Vulnerabilities
261