Lucene search
+L

11 matches found

nvd
nvd
added 2026/03/18 4:17 a.m.5 views

CVE-2026-32256

music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...

7.5CVSS0.00366EPSS
Exploits0References2
cve
cve
added 2026/03/18 3:22 a.m.13 views

CVE-2026-32256

CVE-2026-32256 affects the music-metadata library in the ASF parser path (parseExtensionObject in lib/asf/AsfParser.ts). Before version 11.12.3, if a sub-object inside the ASF Header Extension Object has objectSize = 0, the parser can enter an infinite loop, causing an application hang. Version 1...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2026/02/11 12:0 a.m.11 views

Flexera FlexNet Publisher(FLEXlm) 跨站请求伪造漏洞

Flexera FlexNet Publisher FLEXlm is a software licensing management component within the Entitlement Relationship Management Solution provided by the American company Flexera. This product enables software and hardware manufacturers to manage software licensing terms, including pricing, packaging...

5.1CVSS5.7AI score0.0013EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/02/07 12:0 a.m.7 views

Celestial AbsoluteTelnet 安全漏洞

Celestial AbsoluteTelnet is a Telnet/SSH terminal client software developed by the American company Celestial. Version 11.12 of Celestial AbsoluteTelnet contains a security vulnerability, which stems from a buffer overflow in the SSH2 username input field, potentially leading to a denial-of-servi...

6.9CVSS6AI score0.00213EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/02/06 12:0 a.m.9 views

PT-2026-6830

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.12 Description The software contains a denial of service issue that allows local attackers to crash the application. This is achieved by providing an oversized license name, specifically a 2500-character payload, to t...

6.7CVSS5.4AI score0.00222EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2026/02/06 12:0 a.m.12 views

PT-2026-6831

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.12 Description The software contains a denial of service issue that allows local attackers to crash the application. This is achieved by providing an oversized license name, specifically a 2500-character payload, to t...

6.7CVSS5.4AI score0.00222EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/12/09 12:0 a.m.5 views

Dell Encryption 后置链接漏洞

Dell Encryption is a suite of data protection solutions from Dell USA. The product includes features such as compliance management, authentication, disk data encryption, and port encryption. A backlink vulnerability exists in Dell Encryption versions prior to 11.12.1, which stems from improper li...

6.6CVSS6.3AI score0.00082EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/04/14 12:0 a.m.8 views

COINS Construction Cloud 跨站脚本漏洞

COINS Construction Cloud is an end-to-end suite of cloud and mobile software solutions from COINS, Inc. designed to help construction executives drive increased profitability across their business. A cross-site scripting vulnerability exists in COINS Construction Cloud version 11.12, which stems...

5.4CVSS5.7AI score0.00593EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2022/01/24 12:0 a.m.13 views

PT-2022-12310 · Coins · Coins Construction Cloud

Name of the Vulnerable Software and Affected Versions: COINS Construction Cloud version 11.12 Description: The issue is related to improper input neutralization, making it vulnerable to reflected cross-site scripting XSS via malicious links. This affects the search window and activity view window...

6.1CVSS5.8AI score0.01085EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2022/01/24 12:0 a.m.9 views

PT-2022-12308 · Coins · Coins Construction Cloud

Name of the Vulnerable Software and Affected Versions: COINS Construction Cloud version 11.12 Description: The issue is related to insufficient input neutralization, making it vulnerable to denial of service attacks via forced server crashes. Recommendations: For COINS Construction Cloud version...

6.5CVSS6.3AI score0.01644EPSS
Exploits1References6
osv
osv
added 2017/04/22 10:59 p.m.6 views

CVE-2017-8056

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity XXE, in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new...

5.3CVSS5.8AI score0.05076EPSS
Exploits2References4
Rows per page
Query Builder