11 matches found
CVE-2026-32256
music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...
CVE-2026-32256
CVE-2026-32256 affects the music-metadata library in the ASF parser path (parseExtensionObject in lib/asf/AsfParser.ts). Before version 11.12.3, if a sub-object inside the ASF Header Extension Object has objectSize = 0, the parser can enter an infinite loop, causing an application hang. Version 1...
Flexera FlexNet Publisher(FLEXlm) 跨站请求伪造漏洞
Flexera FlexNet Publisher FLEXlm is a software licensing management component within the Entitlement Relationship Management Solution provided by the American company Flexera. This product enables software and hardware manufacturers to manage software licensing terms, including pricing, packaging...
Celestial AbsoluteTelnet 安全漏洞
Celestial AbsoluteTelnet is a Telnet/SSH terminal client software developed by the American company Celestial. Version 11.12 of Celestial AbsoluteTelnet contains a security vulnerability, which stems from a buffer overflow in the SSH2 username input field, potentially leading to a denial-of-servi...
PT-2026-6830
Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.12 Description The software contains a denial of service issue that allows local attackers to crash the application. This is achieved by providing an oversized license name, specifically a 2500-character payload, to t...
PT-2026-6831
Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.12 Description The software contains a denial of service issue that allows local attackers to crash the application. This is achieved by providing an oversized license name, specifically a 2500-character payload, to t...
Dell Encryption 后置链接漏洞
Dell Encryption is a suite of data protection solutions from Dell USA. The product includes features such as compliance management, authentication, disk data encryption, and port encryption. A backlink vulnerability exists in Dell Encryption versions prior to 11.12.1, which stems from improper li...
COINS Construction Cloud 跨站脚本漏洞
COINS Construction Cloud is an end-to-end suite of cloud and mobile software solutions from COINS, Inc. designed to help construction executives drive increased profitability across their business. A cross-site scripting vulnerability exists in COINS Construction Cloud version 11.12, which stems...
PT-2022-12310 · Coins · Coins Construction Cloud
Name of the Vulnerable Software and Affected Versions: COINS Construction Cloud version 11.12 Description: The issue is related to improper input neutralization, making it vulnerable to reflected cross-site scripting XSS via malicious links. This affects the search window and activity view window...
PT-2022-12308 · Coins · Coins Construction Cloud
Name of the Vulnerable Software and Affected Versions: COINS Construction Cloud version 11.12 Description: The issue is related to insufficient input neutralization, making it vulnerable to denial of service attacks via forced server crashes. Recommendations: For COINS Construction Cloud version...
CVE-2017-8056
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity XXE, in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new...