CWE-1287 — Vulnerability Class 107

107 vulnerabilities classified as CWE-1287. AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-58084	Mattermost Desktop App crashes when clicking on malformed external URL — Mattermost	3.5	Low	2025-10-13
CVE-2025-61672	Synapse: Invalid device keys degrade federation functionality — synapse	6.5^AI	Medium^AI	2025-10-08
CVE-2025-20327	Cisco IOS 安全漏洞 — IOS	7.7	High	2025-09-24
CVE-2025-10207	Authenticated File Disclosure/Delete — FLXEON	7.2	High	2025-09-18
CVE-2024-48851	Remote Code Execution — FLXEON	7.2	High	2025-09-18
CVE-2025-42929	Missing input validation vulnerability in SAP Landscape Transformation Replication Server — SAP Landscape Transformation Replication Server	8.1	High	2025-09-09
CVE-2025-42916	Missing input validation vulnerability in SAP S/4HANA (Private Cloud or On-Premise) — SAP S/4HANA (Private Cloud or On-Premise)	8.1	High	2025-09-09
CVE-2025-8402	Nil pointer dereference in bulk import crashes server — Mattermost	4.9	Medium	2025-08-21
CVE-2025-20251	Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Software Authenticated Arbitrary File Deletion — Cisco Adaptive Security Appliance (ASA) Software	8.5	High	2025-08-14
CVE-2025-20244	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) Software	7.7	High	2025-08-14
CVE-2025-9042	Rockwell Automation FLEX 5000 I/O - Module Fault — FLEX 5000 I/O	7.5^AI	High^AI	2025-08-14
CVE-2025-9041	Rockwell Automation FLEX 5000 I/O - Module Fault — FLEX 5000 I/O	7.5^AI	High^AI	2025-08-14
CVE-2025-30027	AXIS Device Manger 安全漏洞 — AXIS OS	6.7	Medium	2025-08-12
CVE-2025-54525	Unexpected input to Create Channel Subscription endpoint causes DoS in Mattermost Confluence Plugin — Mattermost Confluence Plugin	7.5	High	2025-08-11
CVE-2025-8556	Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results	3.7	Low	2025-08-06
CVE-2024-40682	IBM SmartCloud Analytics - Log Analysis denial of service — SmartCloud Analytics Log Analysis	6.2	Medium	2025-07-23
CVE-2025-40910	Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses — Net::IP::LPM	7.5^AI	High^AI	2025-06-27
CVE-2025-52883	Meshtastic-Android vulnerable to forged DMs with no PKC showing up as encrypted — Meshtastic-Android	5.3	Medium	2025-06-24
CVE-2025-25020	IBM QRadar Suite Software and IBM Cloud Pak for Security improper input validation — QRadar Suite Software	6.5	Medium	2025-06-03
CVE-2025-0325	AXIS OS 安全漏洞 — AXIS OS	4.3	Medium	2025-06-02
CVE-2025-40911	Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses — Net::CIDR::Set	9.1^AI	Critical^AI	2025-05-27
CVE-2025-41650	Weidmueller: Denial-of-Service Vulnerability in Industrial Ethernet Switches — IE-SW-VL05M-5TX	7.5	High	2025-05-27
CVE-2025-20155	Cisco IOS XE 安全漏洞 — Cisco IOS XE Software	6.0	Medium	2025-05-07
CVE-2025-46342	Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements — kyverno	8.6	High	2025-04-30
CVE-2025-41395	Webapp DoS via malicious retrospective post in Playbooks — Mattermost	6.5	Medium	2025-04-24
CVE-2025-32442	Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass — fastify	7.5	High	2025-04-18
CVE-2024-42189	HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack — HCL BigFix Platform	7.5^AI	High^AI	2025-04-15
CVE-2024-47261	AXIS OS 安全漏洞 — AXIS OS	4.3	Medium	2025-04-08
CVE-2025-1558	Denial of Service Via Malicious GIF — Mattermost	6.5	Medium	2025-03-24
CVE-2024-47262	AXIS OS 安全漏洞 — AXIS OS	5.3	Medium	2025-03-04

Vulnerabilities classified as CWE-1287 represent 107 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-1287 — Vulnerability Class 107