Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6971
Mozilla Firefox 2.0, possibly only when running on Windows, allows remote malicious users to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer...
Mozilla Firefox 2.0.0.1
NA
CVE-2007-6405
Sergey Lyubka Simple HTTPD (shttpd) 1.38 and previous versions on Windows allows remote malicious users to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) he...
Shttpd Shttpd 1.34
Shttpd Shttpd 1.35
Shttpd Shttpd 1.38
1 EDB exploit
NA
CVE-2002-1599
DansGuardian prior to 2.4.5-1 allows remote malicious users to bypass content filtering rules via hex-encoded URLs.
Daniel Barron Dansguardian 2.2.2.7.1
Daniel Barron Dansguardian 2.2.2.9.1
Daniel Barron Dansguardian 2 2.2.9
Daniel Barron Dansguardian 2 2.2.5
Daniel Barron Dansguardian 2 2.2.6
Daniel Barron Dansguardian 2 2.2.7
Daniel Barron Dansguardian 2 2.2.8
Daniel Barron Dansguardian 2 2.2.10
Daniel Barron Dansguardian 2 2.2.4
7.5
CVSSv3
CVE-2016-5056
OSRAM SYLVANIA Osram Lightify Pro prior to 2016-07-26 uses only 8 hex digits for a PSK.
Osram Lightify Pro
5.3
CVSSv3
CVE-2022-32265
qDecoder prior to 12.1.0 does not ensure that the percent character is followed by two hex digits for URL decoding.
Qdecoder Project Qdecoder
9.8
CVSSv3
CVE-2021-24115
In Botan prior to 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
Botan Project Botan
NA
CVE-2005-0831
PHP-Post allows remote malicious users to spoof the names of other users by registering with a username containing hex-encoded characters.
Php-post Php-post Web Forum 0.1
Php-post Php-post Web Forum 0.2
Php-post Php-post Web Forum 0.21
Php-post Php-post Web Forum 0.22
Php-post Php-post Web Forum 0.3
Php-post Php-post Web Forum 0.32
6.5
CVSSv3
CVE-2023-20891
The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can acce...
Vmware Isolation Segment
Vmware Tanzu Application Service For Virtual Machines
6.1
CVSSv3
CVE-2014-9772
The validator package prior to 2.0.0 for Node.js allows remote malicious users to bypass the cross-site scripting (XSS) filter via hex-encoded characters.
Nodejs Node.js
NA
CVE-2004-2065
DansGuardian 2.8 and previous versions allows remote malicious users to bypass the extension filtering rule via a hex encoded extension or . in the filename.
Daniel Barron Dansguardian 2.2.6
Daniel Barron Dansguardian 2.2.7
Daniel Barron Dansguardian 2.8
Daniel Barron Dansguardian 2.2.7.1
Daniel Barron Dansguardian 2.2.8
Daniel Barron Dansguardian 2.2.9
Daniel Barron Dansguardian 2.2.4
Daniel Barron Dansguardian 2.2.5
Daniel Barron Dansguardian 2.6.1.5
Daniel Barron Dansguardian 2.7.3.1
Daniel Barron Dansguardian 2.2.10
Daniel Barron Dansguardian 2.2.9.1
Daniel Barron Dansguardian 2.4.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »