Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ascii vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-1575
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote malicious users to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
Mozilla Firefox 1.0
Mozilla Firefox 0.10.1
5
CVSSv2
CVE-2005-1269
Gaim prior to 1.3.1 allows remote malicious users to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
Rob Flynn Gaim 0.50
Rob Flynn Gaim 0.51
Rob Flynn Gaim 0.58
Rob Flynn Gaim 0.59
Rob Flynn Gaim 0.66
Rob Flynn Gaim 0.67
Rob Flynn Gaim 0.74
Rob Flynn Gaim 0.75
Rob Flynn Gaim 0.82
Rob Flynn Gaim 0.82.1
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.1.3
Rob Flynn Gaim 0.10
Rob Flynn Gaim 0.10.3
Rob Flynn Gaim 0.56
Rob Flynn Gaim 0.57
Rob Flynn Gaim 0.64
Rob Flynn Gaim 0.65
Rob Flynn Gaim 0.72
Rob Flynn Gaim 0.73
Rob Flynn Gaim 0.80
Rob Flynn Gaim 0.81
5
CVSSv2
CVE-2005-2405
Opera 8.01, when the "Arial Unicode MS" font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote malicious users to spoof file extensions and possibly trick users into executing arbitrary c...
Opera Opera Browser 8.01
7.8
CVSSv2
CVE-2014-9303
EntryPass N5200 Active Network Control Panel allows remote malicious users to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868.
Entrypass N5200 Active Network Control Panel -
1 EDB exploit
5.1
CVSSv2
CVE-2005-0667
Buffer overflow in Sylpheed prior to 1.0.3 and other versions prior to 1.9.5 allows remote malicious users to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
Sylpheed Sylpheed 0.9.6
Sylpheed Sylpheed 0.9.7
Sylpheed Sylpheed 0.9.8
Sylpheed Sylpheed 0.9.9
Sylpheed Sylpheed 0.9.10
Sylpheed Sylpheed 0.9.12
Sylpheed Sylpheed 0.9.5
Sylpheed Sylpheed 0.9.99
Sylpheed Sylpheed 1.0.1
Sylpheed-claws Sylpheed-claws 1.0.2
Sylpheed Sylpheed 0.8.11
Sylpheed Sylpheed 0.9.11
Sylpheed Sylpheed 0.9.4
Sylpheed Sylpheed 1.0.0
Sylpheed Sylpheed 1.0.2
Redhat Enterprise Linux 2.1
Redhat Fedora Core Core 3.0
Redhat Linux Advanced Workstation 2.1
Altlinux Alt Linux 2.3
Gentoo Linux
7.5
CVSSv2
CVE-2019-9900
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorize...
Envoyproxy Envoy
Redhat Openshift Service Mesh -
1 Github repository
7.2
CVSSv2
CVE-2017-11007
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name while converting ascii string to unicode string in function HandleMetaImgFlash.
Google Android -
NA
CVE-2024-23809
A double-free vulnerability exists in the BrainVision ASCII Header Parsing functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .vdhr file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger th...
5
CVSSv2
CVE-2021-22918
Node.js prior to 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. ...
Nodejs Node.js
Siemens Sinec Infrastructure Network Services
NA
CVE-2022-43551
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mecha...
Haxx Curl
Fedoraproject Fedora 37
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »