Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unicode unicode vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32874
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Below 0.13.2 Release, when uploading a file or retrieving the filename, a user may intentionally use a large Unicode filename which would lead to a application-level denial of service. ...
NA
CVE-2002-0627
The Web server for Polycom ViewStation prior to 7.2.4 allows remote malicious users to bypass authentication and read files via Unicode encoded requests.
Polycom Viewstation 512 6.5.1
Polycom Viewstation H.323 7.2
Polycom Viewstation Sp 384 6.5.1
Polycom Viewstation Mp 7.2
Polycom Viewstation H.323 6.5.1
Polycom Viewstation 128 7.2
Polycom Viewstation Dcp 7.2
Polycom Viewstation V.35 7.2
Polycom Viewstation 512 7.2
Polycom Viewstation Sp 384 7.2
Polycom Viewstation V.35 6.5.1
Polycom Viewstation Fx Vs4000 4.1.5
Polycom Viewstation 128 6.5.1
Polycom Viewstation Dcp 6.5.1
Polycom Viewstation Mp 6.5.1
9.8
CVSSv3
CVE-2020-36773
Artifex Ghostscript prior to 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
Artifex Ghostscript 9.52
Artifex Ghostscript 9.53.0
Artifex Ghostscript 9.52.1
Artifex Ghostscript 9.51
5.7
CVSSv3
CVE-2024-23826
spbu_se_site is the website of the Department of System Programming of St. Petersburg State University. prior to 2024.01.29, when uploading an avatar image, an authenticated user may intentionally use a large Unicode filename which would lead to a server-side denial of service un...
Se.math.spbu Spbu Se Site
NA
CVE-2013-7236
Simple Machines Forum (SMF) 2.0.6, 1.1.19, and previous versions allows remote malicious users to impersonate arbitrary users via a Unicode homoglyph character in a username.
Simplemachines Simple Machines Forum 1.1.4
Simplemachines Simple Machines Forum 1.1.3
Simplemachines Simple Machines Forum 1.1.2
Simplemachines Simple Machines Forum 1.1.17
Simplemachines Simple Machines Forum 1.1
Simplemachines Simple Machines Forum 1.0.9
Simplemachines Simple Machines Forum 1.0.18
Simplemachines Simple Machines Forum 1.0.17
Simplemachines Simple Machines Forum 1.0.16
Simplemachines Simple Machines Forum 1.0.15
Simplemachines Simple Machines Forum 1.0.14
Simplemachines Simple Machines Forum 1.1.7
Simplemachines Simple Machines Forum 1.1.5
Simplemachines Simple Machines Forum 1.1.16
Simplemachines Simple Machines Forum 1.1.14
Simplemachines Simple Machines Forum 1.0.7
Simplemachines Simple Machines Forum 1.0.5
Simplemachines Simple Machines Forum 1.0.21
Simplemachines Simple Machines Forum 1.0.2
Simplemachines Simple Machines Forum 1.0.13
Simplemachines Simple Machines Forum 1.0.10
Simplemachines Simple Machines Forum 1.0
5.5
CVSSv3
CVE-2019-19819
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content.
Gonitro Nitropdf 12.0.0.112
7.8
CVSSv3
CVE-2019-16294
SciLexer.dll in Scintilla in Notepad++ (x64) prior to 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
Notepad-plus-plus Notepad\\+\\+
Scintilla Scintilla -
5.5
CVSSv3
CVE-2019-19817
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content.
Gonitro Nitro Free Pdf Reader 12.0.0.112
5.5
CVSSv3
CVE-2019-19818
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content.
Gonitro Nitro Free Pdf Reader 12.0.0.112
9.8
CVSSv3
CVE-2017-1001003
math.js prior to 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
Mathjs Project Mathjs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »