CWE-1287 — Vulnerability Class 107

107 vulnerabilities classified as CWE-1287. AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-12756	Avaya Spaces HTML injection (HTMLi) Vulnerability — Avaya Spaces	7.3	High	2025-02-11
CVE-2025-24876	Authentication bypass via authorization code injection in SAP Approuter — SAP Approuter Node.js package	8.1	High	2025-02-11
CVE-2025-24804	Partial Denial of Service (DoS) in MobSF — Mobile-Security-Framework-MobSF	6.5	-	2025-02-05
CVE-2024-8125	A remote code vulnerability has been discovered in OpenText™ Content Management. — Content Management (Extended ECM)	8.8	-	2025-02-04
CVE-2025-20630	Mobile crash via object that can't be cast to String in Attachment Field — Mattermost	6.5	Medium	2025-01-16
CVE-2025-20621	Webapp crash via object that can't be cast to String in Attachment Field — Mattermost	6.5	Medium	2025-01-16
CVE-2025-0476	Mobile crash via file with specially crafted filename — Mattermost	4.3	Medium	2025-01-15
CVE-2025-20088	Insufficient Input Validation on Post Props — Mattermost	6.5	Medium	2025-01-15
CVE-2025-20086	Insufficient Input Validation on Post Props — Mattermost	6.5	Medium	2025-01-15
CVE-2025-21083	Insufficient Input Validation on Post Props — Mattermost	6.5	Medium	2025-01-15
CVE-2025-20036	Insufficient Input Validation on Post Props — Mattermost	6.5	Medium	2025-01-15
CVE-2024-48858	Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform — QNX Software Development Platform (SDP)	7.5	High	2025-01-14
CVE-2025-20033	DoS via custom post type for sysconsole plugin readers — Mattermost	4.3	Medium	2025-01-09
CVE-2024-5594	OpenVPN 安全漏洞 — OpenVPN	7.5^AI	High^AI	2025-01-06
CVE-2024-8058	Lenovo Filez 安全漏洞 — FileZ Client	7.6	High	2024-12-16
CVE-2024-54083	DoS via lack of type validation in Calls — Mattermost	6.5	Medium	2024-12-16
CVE-2024-51551	Default Credentials — ASPECT-Enterprise	10.0	Critical	2024-12-05
CVE-2024-51550	Data Validation / Sanitization — ASPECT-Enterprise	10.0	Critical	2024-12-05
CVE-2024-51546	Credentails Disclosure — ASPECT-Enterprise	7.5	High	2024-12-05
CVE-2024-9404	Denial-of-Service Vulnerability — VPort 07-3 Series	7.5	High	2024-12-04
CVE-2024-8403	Denial-of-Service Vulnerability in Ethernet port on MELSEC iQ-F Ethernet Module and EtherNet/IP Module — MELSEC iQ-F Series FX5-ENET	7.5	High	2024-11-19
CVE-2023-29126	Insecure loose comparison in Enel X JuiceBox — JuiceBox Pro 3.0 22kW Cellular	4.2	Medium	2024-11-05
CVE-2024-20494	Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software	8.6	High	2024-10-23
CVE-2024-20408	Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software	7.7	High	2024-10-23
CVE-2024-47504	Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash — Junos OS	7.5	High	2024-10-11
CVE-2024-1578	Multiple MiCard PLUS card reader dropped characters — MiCard PLUS Ci	8.2	-	2024-09-16
CVE-2024-4879	Jelly Template Injection Vulnerability in ServiceNow UI Macros — Now Platform	9.8	Critical	2024-07-10
CVE-2024-6298	remote code execution — ASPECT-Enterprise	10.0	Critical	2024-07-05
CVE-2023-47726	IBM QRadar Suite improper input validation — QRadar Suite Software	7.1	High	2024-06-18
CVE-2024-35213	Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP) — QNX Software Development Platform (SDP)	9.0	Critical	2024-06-11

Vulnerabilities classified as CWE-1287 represent 107 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-1287 — Vulnerability Class 107