Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1286

CWE-1286

Improper Validation of Syntactic Correctness of Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.

79 vulnerabilities with CWE-1286

CVE-2025-55085 HIGH

Eclipse ThreadX NetX Duo < 6.4.4.202503 - HTTP Header Parsing Buffer Overflow

CVE-2025-11573 HIGH

Amazon.IonDotnet < 1.3.2 - Denial of Service via Infinite Loop in Text Input Parser

CVE-2025-36262 MEDIUM

IBM Planning Analytics Local <2.0.106, <2.1.13 - Info Disclosure

CVE-2025-10954 MEDIUM

github.com/nyaruka/phonenumbers <1.2.2 - Improper Validation

CVE-2025-54995 MEDIUM

Asterisk < 18.26.4 and Certified Asterisk < 18.9-cert17 - Resource Exhaustion via RTP Session Leak

CVE-2025-25007 MEDIUM

Microsoft Exchange Server - Info Disclosure

CVE-2025-30415 HIGH

Acronis Cyber Protect Cloud Agent <40077 - DoS

CVE-2025-43878 MEDIUM

F5OS-A 1.5.1-1.8.0 and F5OS-C 1.6.0-1.6.2 - Authenticated Appliance Mode Restriction Bypass via tcpdump Utility

CVE-2025-24348 MEDIUM

ctrlX OS - Wireless Network Configuration File Manipulation

CVE-2025-24347 MEDIUM

ctrlX OS - Network Configuration File Manipulation

CVE-2025-24346 HIGH

ctrlX OS - Authenticated Path Traversal

CVE-2025-24345 MEDIUM

Bosch Rexroth ctrlX OS 1.20.0-1.20.6 & 2.6.0-2.6.7 Authenticated Hosts File Manipulation

CVE-2025-46419 MEDIUM

Westermo WeOS 5-5.23.0 - Denial of Service via Malformed ESP Packet

CVE-2025-20644 MEDIUM

MediaTek NR15 and NR16 - Remote Denial of Service via Rogue Base Station

CVE-2025-22868 HIGH

Product <Version - Memory Corruption

CVE-2025-24812 MEDIUM

SIMATIC S7-1200 CPU < V4.7 - Denial of Service via Crafted Packets to Port 102/tcp

CVE-2025-0638 HIGH

Routinator >=0.14.1 - Denial of Service via Manifest File Name Parsing

CVE-2024-51983 HIGH

Brother Printers <1.68 Unauthenticated DoS via WS-Scan SOAP Request

CVE-2024-51982 HIGH

Brother Printer Devices - Denial of Service via Malformed PJL Command

CVE-2024-52362 MEDIUM

IBM App Connect Enterprise Certified Container - DoS

CVE-2024-8772 MEDIUM

AXIS OS 9.80.0-9.80.83, 10.0.0-10.12.248, 11.0.0-11.11.117, 12.0.0-12.1.27 - DoS via VAPIX API Race Condition

CVE-2024-8160 LOW

Axis ftptest.cgi - Command Injection

CVE-2024-6763 LOW

Eclipse Jetty 7.0.0-9.4.56 & 12.0.0-12.0.11 - Open Redirect & SSRF via HttpURI Authority

CVE-2024-6173 MEDIUM

AXIS OS - Denial of Service via Guard Tour VAPIX API Parameter

CVE-2024-7954 CRITICAL

SPIP porte_plume - Unauthenticated PHP Code Execution

Previous Page 2 of 4 Next

Details

Vulnerabilities 79

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy