Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0975
Apple Safari 1.0 up to and including 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote malicious users to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
Apple Safari 1.1
Apple Safari 1.0
Apple Mac Os X 10.2.8
Apple Mac Os X 10.3.1
Apple Mac Os X Server 10.2.8
Apple Mac Os X Server 10.3.1
7.5
CVSSv3
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote malicious users to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
Virustotal Yara 3.5.0
NA
CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote malicious users to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot d...
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2004-2628
Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote malicious users to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:&quo...
Acme Labs Thttpd 2.0.7 Beta 0.4
1 EDB exploit
NA
CVE-2006-3929
Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote malicious users to inject arbitrary web script or HTML via hex-encoded values in the a parameter.
Zyxel Prestige 660h-61 Firmware 3.40 Pt.0 B32
1 EDB exploit
NA
CVE-2004-2402
Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote malicious users to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
Yabb Yabb 1 Gold - Sp 1.3.1
Yabb Yabb 1 Gold - Sp 1.3.2
Yabb Yabb 1 Gold - Sp 1.2
Yabb Yabb 1 Gold - Sp 1.3
Yabb Yabb 1.41
Yabb Yabb 1 Gold - Sp 1
Yabb Yabb 2000-09-11
Yabb Yabb 1.40
Yabb Yabb 1 Gold Release
Yabb Yabb 2000-09-01
6.5
CVSSv3
CVE-2017-13777
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not ...
Graphicsmagick Graphicsmagick 1.3.26
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2017-13776
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not ...
Graphicsmagick Graphicsmagick 1.3.26
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2021-30300
Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I...
Qualcomm Apq8009w Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Ar8035 Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Fsm10055 Firmware -
Qualcomm Fsm10056 Firmware -
Qualcomm Mdm8207 Firmware -
Qualcomm Mdm9150 Firmware -
Qualcomm Mdm9205 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207 Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Mdm9628 Firmware -
Qualcomm Mdm9640 Firmware -
Qualcomm Msm8909w Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Qca4004 Firmware -
Qualcomm Qca6174a Firmware -
Qualcomm Qca6390 Firmware -
Qualcomm Qca6391 Firmware -
Qualcomm Qca6426 Firmware -
NA
CVE-2005-3894
Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 up to and including 1.3.2 and 2.0.0 up to and including 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) hex-encoded values in the Queue...
Otrs Otrs 1.0.0
Otrs Otrs 1.3.2
Otrs Otrs 2.0.0
Otrs Otrs 2.0.1
Otrs Otrs 2.0.2
Otrs Otrs 2.0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »