Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1287

CWE-1287

Improper Validation of Specified Type of Input

Parent: CWE-20 - Improper Input Validation

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

134 vulnerabilities with CWE-1287

CVE-2025-21083 MEDIUM

Mattermost Mobile Apps <=2.22.0 - Code Injection

CVE-2025-20088 MEDIUM

Mattermost <10.2.0-10.2.0, <9.11.5-9.11.5, <10.0.3-10.0.3, <10.1.3-...

CVE-2025-20086 MEDIUM

Mattermost <10.2.0-10.1.3 - Code Injection

CVE-2025-20036 MEDIUM

Mattermost Mobile Apps <=2.22.0 - Code Injection

CVE-2025-20033 MEDIUM

Mattermost 9.11.0-9.11.5, 10.0.0-10.0.3, 10.1.0-10.1.3, 10.2.0 DoS via Custom Post Type Validation Bypass

CVE-2024-6858 MEDIUM

Arista EOS 802.1X Multi-Auth - Authentication Bypass

CVE-2024-2105 MEDIUM

JBL Flip 5/6, Pulse 4/5, Boombox 2/3, Xtreme 3 - DoS via BLE

CVE-2024-48851 HIGH

ABB FLXEON <= 9.3.5 - Remote Code Execution via Improper Input Validation

CVE-2024-40682 MEDIUM

IBM SmartCloud Analytics - Log Analysis <1.3.8.2 - DoS

CVE-2024-42189 MEDIUM

HCL BigFix Platform 10.0.0-10.0.12 - Denial of Service via API Parameter

CVE-2024-47261 MEDIUM

AXIS OS 10.12.0-12.3.55, 10.12.0-10.12.275, 11.0.0-11.11.140 - Unauthenticated Arbitrary File Upload

CVE-2024-47262 MEDIUM

AXIS OS 6.50.0-12.3.3 - DoS via VAPIX API param.cgi Race Condition

CVE-2024-56908 MEDIUM

Perfex CRM < 3.2.1 - Authenticated Arbitrary File Upload via upload_sales_file rel_id Parameter

CVE-2024-12756 HIGH

Avaya Spaces - HTML Injection

CVE-2024-8125 MEDIUM

OpenText Content Management <24.4 - Parameter Injection

CVE-2024-48858 HIGH

QNX Software Development Platform 7.0-8.0 - Unauthenticated Denial of Service via PCX Image Codec

CVE-2024-5594 CRITICAL

OpenVPN 2.6.0-2.6.10 - Arbitrary Data Injection via PUSH_REPLY Message

CVE-2024-8058 HIGH

Lenovo FileZ Client < 9.8.6.0 - Arbitrary File Read via URL Preloading

CVE-2024-54083 MEDIUM

Mattermost 9.5.0-9.5.12 10.0.0-10.0.2 10.1.0-10.1.2 - Denial of Service via Crafted Post

CVE-2024-51551 CRITICAL

ABB ASPECT/NEXUS/MATRIX Firmware < 3.07.02 - Unauthenticated Default Credential Access

CVE-2024-51550 CRITICAL

ABB ASPECT Enterprise, NEXUS Series, and MATRIX Series <3.08.02 <3 - Data Validation

CVE-2024-51546 HIGH

ABB ASPECT Enterprise, NEXUS Series, MATRIX Series <3.08.02 - Credentials Disclosure

CVE-2024-9404 HIGH

Moxa VPort 07-3 Series < 1.0 and EDS Series < 3.12 - Denial of Service via moxa_cmd Service

CVE-2024-8403 HIGH

Mitsubishi Electric MELSEC iQ-F Series - DoS

CVE-2024-43426 HIGH

moodle - Arbitrary File Read via TeX Notation Filter

Previous Page 4 of 6 Next

Details

Vulnerabilities 134

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy