Weaknesses of type CWE-1287
136 resultsCVE-2025-58084LOWMattermost Desktop App crashes when clicking on malformed external URLEPSS 0.3%CVE-2024-12756HIGHAvaya Spaces HTML injection (HTMLi) VulnerabilityEPSS 0.3%CVE-2026-29788HIGHTSPortal: Anyone can forge self-deletion requests of any userEPSS 0.3%CVE-2026-54235MEDIUMvLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernelsEPSS 0.3%CVE-2023-2431LOWBypass of seccomp profile enforcementEPSS 0.3%CVE-2023-29126MEDIUMInsecure loose comparison in Enel X JuiceBoxEPSS 0.3%CVE-2026-4646MEDIUMInsufficient input validation in GitHub plugin API causes denial of serviceEPSS 0.3%CVE-2025-59275HIGHWindows Authentication Elevation of Privilege VulnerabilityEPSS 0.2%CVE-2025-42916HIGHMissing input validation vulnerability in SAP S/4HANA (Private Cloud or On-Premise)EPSS 0.2%CVE-2025-59278HIGHWindows Authentication Elevation of Privilege VulnerabilityEPSS 0.2%CVE-2025-12689MEDIUMDoS in Calls plugin via malformed UTF-8 in WebSocket requestEPSS 0.2%CVE-2024-42189MEDIUMHCL BigFix Web Reports might be subject to a Denial of Service (DoS) attackEPSS 0.2%CVE-2026-10825HIGHImproper JSON Input Validation in WebSocket API Leads to Denial of ServiceEPSS 0.2%CVE-2026-2092HIGHKeycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertionsEPSS 0.2%CVE-2024-3175HIGHInsufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalationEPSS 0.2%CVE-2025-52883MEDIUMMeshtastic-Android vulnerable to forged DMs with no PKC showing up as encryptedEPSS 0.2%CVE-2025-9524MEDIUMThe VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerabilitEPSS 0.2%CVE-2025-20756MEDIUMIn Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogEPSS 0.2%CVE-2025-42929HIGHMissing input validation vulnerability in SAP Landscape Transformation Replication ServerEPSS 0.2%CVE-2026-47675MEDIUMHono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injectionEPSS 0.2%