CVE-2020-12523

CRITICAL Year: 2020
CVSS v3 Score
9.1
Critical
CVSS v2 Score
6.4
Medium
Weakness Type
CWE-909
View all →

Vulnerability Description

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource

Related Vulnerabilities

CVE-2020-11741

HIGH
CVSS:8.8(High)

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly ga...

CWE-9092020

CVE-2021-23994

HIGH
CVSS:8.8(High)

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

CWE-9092021

CVE-2021-29980

HIGH
CVSS:8.8(High)

Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderb...

CWE-9092021

CVE-2022-22704

CRITICAL
CVSS:9.8(Critical)

The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the co...

CWE-9092022

CVE-2005-1036

HIGH
CVSS:7.8(High)

FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to caus...

CWE-9092005

CVE-2022-29968

HIGH
CVSS:7.8(High)

An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

CWE-9092022