CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Hexagon HxGN OnCall Dispatch Advantage Web v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage Mobile v10.2402 are vulnerable to Cross Site Scripting XSS which allows a remote authenticated attacker with access to the Broadcast Person functionality to execute arbitrary code...

4.6CVSS6.1AI score0.00209EPSS

Exploits0References1

NVD•added 2025/06/25 4:15 p.m.•2 views

CVE-2025-44206

4.6CVSS0.00209EPSS

Exploits0References2

Positive Technologies•added 2025/06/25 12:0 a.m.•2 views

PT-2025-26848 · Hexagon · Hexagon Hxgn Oncall Dispatch Advantage

Name of the Vulnerable Software and Affected Versions: Hexagon HxGN OnCall Dispatch Advantage Web version 10.2309.03.00264 Hexagon HxGN OnCall Dispatch Advantage Mobile version 10.2402 Description: The issue allows a remote authenticated attacker with access to the Broadcast Person functionality ...

4.6CVSS6.6AI score0.00209EPSS

Exploits0References5

CVE•added 2025/06/25 12:0 a.m.•10 views

CVE-2025-44206

Hexagon HxGN OnCall Dispatch Advantage Web v10.2309.03.00264 and Mobile v10.2402 are affected by a Cross-Site Scripting (XSS) vulnerability that can be exploited by a remote authenticated attacker with access to the Broadcast (Person) functionality to execute arbitrary code. Root cause details be...

4.6CVSS6.5AI score0.00209EPSS

Exploits0References2

Cvelist•added 2025/06/25 12:0 a.m.•5 views

CVE-2025-44206

4.6CVSS0.00209EPSS

Exploits0References2

CNNVD•added 2025/06/25 12:0 a.m.•1 views

Hexagon HxGN OnCall Dispatch Advantage 跨站脚本漏洞

Hexagon HxGN OnCall Dispatch Advantage is a software suite for event management and dispatch from Hexagon Sweden. A security vulnerability exists in Hexagon HxGN OnCall Dispatch Advantage that stems from a cross-site scripting vulnerability that could lead to the execution of arbitrary code...

4.6CVSS6.3AI score0.00209EPSS

Exploits0References4

Vulnrichment•added 2025/06/25 12:0 a.m.•5 views

CVE-2025-44206

4.6CVSS6.5AI score0.00209EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 9:17 p.m.•6 views

CVE-2021-32051

Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter...

7.5CVSS8AI score0.01107EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 8:54 p.m.•2 views

CVE-2021-37749

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...

10CVSS7.3AI score0.00675EPSS

Exploits1References1

OSSF Malicious Packages•added 2025/02/07 6:7 a.m.•2 views

Malicious code in nebulagl-h3-hexagon-editing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbf7cb7b134f7a3699367939a1d01f6863a30cbc599d8973b3c57509cd51c9b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References3

OSV•added 2021/08/30 4:15 a.m.•1 views

CVE-2021-37749

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...

9.8CVSS5.8AI score0.00675EPSS

Exploits1References3

NVD•added 2021/08/30 4:15 a.m.•7 views

CVE-2021-37749

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...

10CVSS0.00675EPSS

Exploits1References3

Prion•added 2021/08/30 4:15 a.m.•12 views

Sql injection

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...

10CVSS9.7AI score0.00675EPSS

Exploits1References3Affected Software1

CVE•added 2021/08/30 3:20 a.m.•36 views

CVE-2021-37749

The CVE-2021-37749 entry concerns Hexagon GeoMedia WebMap 2020 prior to Update 2 (16.6.2.66). A vulnerability in MapService.svc allows blind SQL injection via the Id (within sourceItems) parameter to the GetMap method. CVSSv3.1 base score 9.8 (CRITICAL) with network attack vector, no user interac...

10CVSS9.7AI score0.00675EPSS

Exploits1References3Affected Software1

Cvelist•added 2021/08/30 3:20 a.m.•11 views

CVE-2021-37749

MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...

10AI score0.00675EPSS

Exploits1References3

CNNVD•added 2021/08/30 12:0 a.m.•0 views

Hexagon GeoMedia WebMap SQL注入漏洞

Hexagon GeoMedia WebMap is a Web-based geospatial data visualization and analysis server product from Hexagon. A SQL injection vulnerability exists in MapService.svc in versions prior to Hexagon GeoMedia WebMap 2020 Update 2 16.6.2.66, which stems from a vulnerability in MapService.svc that allow...

10CVSS8.5AI score0.00675EPSS

Exploits1References3

NVD•added 2021/05/14 1:15 a.m.•8 views

CVE-2021-32051

Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter...

7.5CVSS0.01107EPSS

Exploits3References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by