22 matches found
RHEL 9 : fence-agents (RHSA-2026:21431)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21431 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
RockyLinux 9 : fence-agents (RLSA-2026:13672)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13672 advisory. cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves CVE-2026-26007 pyjwt: PyJWT accepts unknown crit header...
AlmaLinux 10 : fence-agents (ALSA-2026:13916)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13916 advisory. pyjwt: PyJWT accepts unknown crit header extensions RFC 7515 §4.1.11 MUST violation CVE-2026-32597 pyasn1: pyasn1 Vulnerable to Denial of Service via...
CVE-2026-32256
music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...
CVE-2026-32256
music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...
CVE-2026-32256 music-metadata has an infinite loop vulnerability in ASF parser
music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...
CVE-2026-32256
CVE-2026-32256 affects the music-metadata library in the ASF parser path (parseExtensionObject in lib/asf/AsfParser.ts). Before version 11.12.3, if a sub-object inside the ASF Header Extension Object has objectSize = 0, the parser can enter an infinite loop, causing an application hang. Version 1...
CVE-2026-32256
music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...
GHSA-V6C2-XWV6-8XF7 music-metadata has an infinite loop vulnerability in ASF parser
Summary: music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Root Cause: When objectSize is 0: 1. remaining = 0 - 24 = -24 2. tokenizer.ignore(-24) moves the read position...
EUVD-2020-9397
Malware in sbrugna...
CVE-2024-53020
Information disclosure may occur while decoding the RTP packet with invalid header extension from network...
CVE-2024-53020
Information disclosure may occur while decoding the RTP packet with invalid header extension from network...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated, USA. A security vulnerability exists in Qualcomm Chipsets that stems from a potential information disclosure when decoding RTP packets with an invalid header extension from the network...
SUSE CVE-2024-48615
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at archive_read_support_format_tar.c:1844:8...
AZL-59377 CVE-2024-48615 affecting package libarchive for versions less than 3.6.1-6
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at archive_read_support_format_tar.c:1844:8...
CVE-2020-25112
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet...
CVE-2020-17444
An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field and deducing whether the IPv6 extension headers are valid doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the extension heade...
CVE-2020-25112
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet...
CVE-2020-25112
The CVE-2020-25112 entry corresponds to a memory-corruption vulnerability in Contiki’s uIP-Contiki-OS IPv6 stack. The issue arises from insufficient and inconsistent checks of IPv6 header extension lengths, enabling crafted ICMPv6 or other IPv6-extension-based packets to trigger memory corruption...
CVE-2020-17444
An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field and deducing whether the IPv6 extension headers are valid doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the extension heade...