Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hex vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-4590
Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an malicious user to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.
Kimmov Frhed 1.6.0
9.8
CVSSv3
CVE-2021-27850
A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019...
Apache Tapestry
1 Metasploit module
3 Github repositories
9.8
CVSSv3
CVE-2021-24115
In Botan prior to 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
Botan Project Botan
9.8
CVSSv3
CVE-2020-15150
There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function. This will potentially affect all current users of Paginator prior to version 1.0.0. The vulnerability has ...
Duffel Paginator
9.8
CVSSv3
CVE-2019-17669
WordPress prior to 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2017-14473
An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive ...
Rockwellautomation Micrologix 1400 B Firmware
9.8
CVSSv3
CVE-2014-9939
ihex.c in GNU Binutils prior to 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
Gnu Binutils
9.8
CVSSv3
CVE-2016-4303
The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.
Iperf3 Project Iperf3
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2022-31673
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
Vmware Vrealize Operations
1 Article
8.8
CVSSv3
CVE-2019-1000013
Hex package manager hex_core version 0.3.0 and previous versions contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packa...
Hex Hex Core
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »