CWE-1287: CWE-1287

This vulnerability in PostgreSQL's intarray extension allows attackers to execute arbitrary code with the privileges of the database operating system ...

A TLS 1.3 handshake vulnerability in Cisco ASA and FTD software allows unauthenticated remote attackers to trigger a device reload, causing denial of ...

This vulnerability in Kyverno allows attackers with Kubernetes API access to bypass security-critical policy rules that use namespace selectors. The m...

This vulnerability allows an attacker to inject a malicious domain into a URL parameter during login, causing post-authentication redirection to the a...

This CVE allows attackers with high privilege ABAP access to delete arbitrary database table contents when tables lack authorization group protection....

This CVE describes a vulnerability in SAP ABAP reports where attackers with high privilege access can delete arbitrary database table contents if tabl...

This vulnerability in Windows Authentication Methods allows an authenticated attacker to perform local privilege escalation by exploiting improper inp...

This Windows privilege escalation vulnerability allows authenticated attackers to gain higher system privileges through improper input validation. It ...

This vulnerability allows authenticated VPN users to send specially crafted HTTP requests to Cisco ASA/FTD Remote Access SSL VPN services, causing the...

This vulnerability allows authenticated remote attackers with VPN credentials to crash Cisco ASA/FTD devices via crafted HTTPS POST requests, causing ...

An improper parsing vulnerability in FileZ client allows attackers to craft malicious files that, when placed in the FileZ directory, can read arbitra...

An unauthenticated remote attacker can cause Cisco TelePresence and RoomOS devices to reload by sending crafted text, resulting in denial of service. ...

An unauthenticated remote attacker can send a specially crafted Modbus read command to vulnerable devices, causing a denial of service. This affects i...

An improper input validation vulnerability in the PCX image codec in QNX SDP allows unauthenticated attackers to cause denial-of-service conditions. T...

This vulnerability in Moxa's moxa_cmd service allows attackers to cause denial-of-service or service crashes through insufficient input validation. It...

A remote attacker can send specially crafted SLMP packets to Mitsubishi Electric MELSEC iQ-F Series FX5-ENET and FX5-ENET/IP devices, causing denial o...

An unauthenticated attacker can send a specially crafted malformed packet to cause a flowd crash and restart on non-clustered SRX5000 Series devices, ...

An unauthenticated network attacker can cause denial of service by sending a specially crafted BGP update with a malformed tunnel encapsulation TLV, c...

This vulnerability allows unauthenticated remote attackers to cause denial of service on Cisco TelePresence and RoomOS devices by sending crafted H.32...

An HTML injection vulnerability in Avaya Spaces allows attackers to inject malicious HTML content into web pages, potentially leading to information d...

This vulnerability in ABB FLXEON allows remote attackers to execute arbitrary code on affected systems by sending specially crafted input that isn't p...

This vulnerability in IBM QRadar Suite and Cloud Pak for Security allows authenticated users to execute arbitrary commands due to improper input valid...

This CVE describes a privilege escalation vulnerability in Axis ACAP applications where improper input validation allows malicious applications to gai...

This CVE describes an ACAP configuration file vulnerability in Axis devices that lacks sufficient input validation, potentially allowing arbitrary cod...

This vulnerability allows attackers to crash the Calls plugin in Mattermost by sending malformed WebSocket requests with improper UTF-8 formatting. Af...

This vulnerability allows an unauthorized attacker within Bluetooth range to send specially crafted BLE connection requests that cause improper valida...

A vulnerability in Free5GC versions 4.0.0 and 4.0.1 allows attackers to cause denial of service through the Nudm_SubscriberDataManagement API. This af...

This vulnerability in Windows Local Session Manager allows authenticated attackers to send specially crafted network requests that cause denial of ser...

This vulnerability in Windows Local Session Manager allows authenticated attackers to cause denial of service by sending specially crafted network req...

This vulnerability in Net::IP::LPM Perl module allows attackers to bypass IP-based access controls by using IP addresses with leading zeros, which are...

This vulnerability in IBM QRadar Suite Software and IBM Cloud Pak for Security allows authenticated users to cause denial of service by sending malfor...

Mattermost Mobile Apps versions up to 2.25.0 contain a GIF validation vulnerability that allows attackers to crash the Android application by sending ...

Mattermost Mobile versions up to 2.22.0 contain a type casting vulnerability where posts with attachments containing non-String fields can crash the m...

Mattermost fails to properly validate post properties, allowing authenticated malicious users to crash the server by sending specially crafted posts. ...

Mattermost Mobile Apps versions up to 2.22.0 fail to properly validate post properties, allowing authenticated malicious users to send specially craft...

This vulnerability in Mattermost allows authenticated users to send specially crafted posts that cause denial-of-service conditions for other users in...

This vulnerability in IBM SmartCloud Analytics - Log Analysis allows a local user to cause a denial of service by exploiting improper input validation...

This CVE describes a downgrade attack vulnerability in Meshtastic firmware where direct messages can be silently decrypted using legacy symmetric encr...

A firmware fault in MiCard PLUS card readers causes random character drops during ID card reads, potentially assigning wrong card numbers during self-...

CVE-2025-9524 is an input validation vulnerability in Axis camera VAPIX API's port.cgi endpoint that can cause process crashes when exploited. This af...

This vulnerability allows attackers to upload files via the VAPIX API uploadoverlayimage.cgi endpoint in Axis devices, potentially blocking access to ...

Mattermost Mobile Apps versions up to 2.22.0 contain a vulnerability where specially crafted attachment names can cause the mobile app to crash when a...

This vulnerability in Mattermost allows attackers to create denial-of-service conditions by exploiting improper validation of post types. Attackers wi...