The following is a list of charsets that have known vulnerabilities in them that allow them to be susceptible to filter evasion. Please see the calculator at h4k.in for details on conversion.

Charset	IE7.0	IE6.0	Firefox 2.0.0.2	Opera 9.02	Notes
BIG5	X	X			Variable width encoding: 129-254
BIG5-HKSCS	X	X			Variable width encoding: 129-254
CP850
EUC-JP	X	X	X		Variable width encoding: 129-254 in IE, In Firefox vulnerable to 143
EUC-KR	X	X			Variable width encoding: 129-254
GBK	X	X			Variable width encoding: 129-254
GB18030
GB2312	X	X			Variable width encoding: 129-254
HZ-GB-2312	X	X			Variable width encoding: 129-254 in IE and 126-255 in Firefox
IBM852
IBM855
IBM862
IBM864
IBM866
KOI8-R
KOI8-U
ISO-2022-CN
ISO-2022-JP	X	X			Variable width encoding: 129-254
ISO-2022-KR					Doesn't display previous click history from the page in Opera
ISO-8859-1
ISO-8859-2
ISO-8859-3
ISO-8859-4
ISO-8859-5
ISO-8859-6
ISO-8859-7
ISO-8859-8
ISO-8859-9
ISO-8859-10
ISO-8859-11
ISO-8859-12
ISO-8859-13
ISO-8859-14
ISO-8859-15
ISO-8859-16
SHIFT_JIS	X	X	X		Variable width encoding: 129-252
TIS-620
UTF-16	X	X	X	X	Vulnerable to null byte injection
UTF-16BE	X	X	X	X	Vulnerable to null byte injection and BOM injection if the charset is mis-set in Firefox
UTF-16LE	X	X			See UTF-16
UTF-32
UTF-32BE
UTF-32LE
UTF-7	X	X	X	X	Uses UTF-7 Syntax which uses no angle brackets
UTF-8
US-ASCII		X			IE6.0 was vulnerable to US-ASCII encoding 7 bit chars.
USC-4
Windows-1250
Windows-1251
Windows-1252
Windows-1253
Windows-1254
Windows-1255
Windows-1256
Windows-1257
Windows-1258
X-ISO-10646-UCS-4-2143
x-mac-centraleurroman
x-mac-cyrillic
x-mac-greek
x-mac-turkish

Note: just because something isn't marked insecure doesn't mean it's secure (it also may not have been tested thoroughly). Please use this only as a guide, not as a rule book.