Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ascii vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0452
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote malicious users to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, includi...
Microsoft Asp.net 1.0
Microsoft Asp.net 1.1
1 EDB exploit
1 Github repository
NA
CVE-2000-1226
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote malicious users to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap...
Snort Snort 1.6
NA
CVE-2000-0190
AOL Instant Messenger (AIM) client allows remote malicious users to cause a denial of service via a message with a malformed ASCII value.
Aol Instant Messenger
NA
CVE-2000-1130
McAfee WebShield SMTP 4.5 allows remote malicious users to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
Network Associates Webshield Smtp 4.5
9.8
CVSSv3
CVE-2019-19330
The HTTP/2 implementation in HAProxy prior to 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
Haproxy Haproxy
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2011-1939
SQL injection vulnerability in Zend Framework 1.10.x prior to 1.10.9 and 1.11.x prior to 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP prior to 5.3.6.
Zend Zend Framework
Php Php
Debian Debian Linux 8.0
1 EDB exploit
NA
CVE-2024-4175
Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerability could allow an malicious user to send a malicious payload with Unicode characters that will be replaced by ASCII characters.
NA
CVE-2009-0887
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and previous versions, when a configuration file contains non-ASCII usernames, might allow remote malicious users to cause a denial of service, and might allow remote authentica...
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam
7.5
CVSSv3
CVE-2019-11923
In Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specified length with no maximum length enforced, allowing for resource exhaustion or denial of service.
Facebook Mcrouter
NA
CVE-2004-1490
Opera 7.54 and previous versions allows remote malicious users to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
Opera Opera Browser
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »