Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
6
CVSSv3
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x prior to 7.0.1, FortiOS 6.4.x prior to 6.4.7 allows malicious user to Execute unauthorized code or commands via specific hex read/write operations.
Fortinet Fortios 7.0.0
Fortinet Fortios
7.5
CVSSv3
CVE-2021-44151
An issue exists in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bruteforcing the 4 hex-character session cookie on the Windows version (the Linux version appears to have 8 characters). An attacker can obtain the static part o...
Reprisesoftware Reprise License Manager 14.2
7.4
CVSSv3
CVE-2021-25217
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the ...
Isc Dhcp 4.1-esv
Isc Dhcp
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Siemens Ruggedcom Rox Rx1400 Firmware
Siemens Ruggedcom Rox Rx1500 Firmware
Siemens Ruggedcom Rox Rx1501 Firmware
Siemens Ruggedcom Rox Rx1510 Firmware
Siemens Ruggedcom Rox Rx1511 Firmware
Siemens Ruggedcom Rox Rx1512 Firmware
Siemens Ruggedcom Rox Rx1524 Firmware
Siemens Ruggedcom Rox Rx1536 Firmware
Siemens Ruggedcom Rox Rx5000 Firmware
Siemens Ruggedcom Rox Mx5000 Firmware
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire \\& Hci Management Node -
Siemens Sinec Ins 1.0
Siemens Sinec Ins
9.8
CVSSv3
CVE-2021-24115
In Botan prior to 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
Botan Project Botan
9.8
CVSSv3
CVE-2020-15150
There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function. This will potentially affect all current users of Paginator prior to version 1.0.0. The vulnerability has ...
Duffel Paginator
6.7
CVSSv3
CVE-2020-13776
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-...
Systemd Project Systemd
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 32
5.9
CVSSv3
CVE-2013-3587
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle malicious users to obtain plaintext secret values by observing length differences ...
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager 13.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Wan Optimization Manager
F5 Big-ip Webaccelerator
F5 Firepass 7.0.0
F5 Firepass
1 Github repository
7.5
CVSSv3
CVE-2013-1634
A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NO...
Intel 82574l Controller Firmware
5.4
CVSSv3
CVE-2020-5205
In Pow (Hex package) prior to 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have th...
Powauth Pow
9.8
CVSSv3
CVE-2019-17669
WordPress prior to 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »