Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1945
Cross-site scripting (XSS) vulnerability in the convert_highlite_words function in Invision Blog prior to 1.1.2 Final allows remote malicious users to inject arbitrary web script or HTML via double hex encoded highlight data.
Invision Power Services Invision Community Blog 1.1
Invision Power Services Invision Community Blog 1.0
9.8
CVSSv3
CVE-2014-9939
ihex.c in GNU Binutils prior to 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
Gnu Binutils
9.8
CVSSv3
CVE-2023-4590
Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an malicious user to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.
Kimmov Frhed 1.6.0
NA
CVE-2024-25730
Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy (only about one million possibilities).
NA
CVE-2002-1831
Microsoft MSN Messenger Service 1.0 up to and including 4.6 allows remote malicious users to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field.
Microsoft Msn Messenger 2.0
Microsoft Msn Messenger 3.0
Microsoft Msn Messenger 3.6
Microsoft Msn Messenger 4.0
Microsoft Msn Messenger 4.5
Microsoft Msn Messenger 4.6
Microsoft Msn Messenger 1.0
Microsoft Msn Messenger 2.2
1 EDB exploit
NA
CVE-2005-1420
Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote malicious users to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space).
Raysoft Video Cam Server 1.0.0 Beta
NA
CVE-2005-3869
Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter.
Google Api Search
NA
CVE-2002-2013
Mozilla 0.9.6 and previous versions and Netscape 6.2 and previous versions allows remote malicious users to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Mozilla Mozilla 0.9.2
Mozilla Mozilla 0.9.2.1
Netscape Communicator 4.6
Netscape Communicator 4.61
Netscape Communicator 4.7
Netscape Communicator 4.72
Netscape Communicator 4.0
Netscape Communicator 4.06
Netscape Communicator 4.07
Netscape Communicator 4.08
Netscape Communicator 4.77
Netscape Communicator 4.78
Netscape Navigator 4.77
Netscape Navigator 6.0
Mozilla Mozilla 0.9.4
Mozilla Mozilla 0.9.5
Netscape Communicator 4.5
Netscape Communicator 4.51
Netscape Communicator 4.73
Netscape Communicator 4.75
Netscape Navigator 6.1
Mozilla Mozilla 0.9.3
NA
CVE-2005-0479
Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and previous versions allows remote malicious users to read arbitrary files via ".." sequences and (1) "/" slash), (2) "\" (backslash), or (3) hex-encoded characters in the f...
Trackercam Trackercam
1 EDB exploit
NA
CVE-2005-1180
HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote malicious users to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter.
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »