Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icecast icecast vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-4612
icecast prior to 2.3.3 allows remote malicious users to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
Xiph Icecast
5
CVSSv2
CVE-2005-0837
IceCast 2.20 allows remote malicious users to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . (dot).
Icecast Icecast 2.0.2
Icecast Icecast 2.1.0
Icecast Icecast 2.0
Icecast Icecast 2.0.1
Icecast Icecast 2.2
5
CVSSv2
CVE-2004-2027
Buffer overflow in Icecast 2.0.0 and previous versions allows remote malicious users to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read.
Icecast Icecast 1.3.10
Icecast Icecast 1.3.10.1
Icecast Icecast 1.3.9
Icecast Icecast 1.3.9.1
Icecast Icecast 1.3.0
Icecast Icecast 1.3.7.1
Icecast Icecast 1.3.8
Icecast Icecast 1.3.11
Icecast Icecast 1.3.12
Icecast Icecast 1.3.9.2
Icecast Icecast 2.0.0
Icecast Icecast 1.3.5
Icecast Icecast 1.3.5.1
Icecast Icecast 1.3.7
5
CVSSv2
CVE-2002-1982
Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote malicious users to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not.
Icecast Icecast 1.3.12
1 EDB exploit
5
CVSSv2
CVE-2001-0784
Directory traversal vulnerability in Icecast 1.3.10 and previous versions allows remote malicious users to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
Icecast Icecast 1.3.7
Icecast Icecast 1.3.8 Beta2
Icecast Icecast
1 EDB exploit
5
CVSSv2
CVE-2001-1083
Icecast 1.3.7, and other versions prior to 1.3.11 with HTTP server file streaming support enabled allows remote malicious users to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
Icecast Icecast 1.3.7
Icecast Icecast 1.3.8 Beta2
Icecast Icecast 1.0.0
1 EDB exploit
4.6
CVSSv2
CVE-2014-9091
Icecast prior to 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
Icecast Icecast
4.3
CVSSv2
CVE-2004-0781
Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and previous versions allows remote malicious users to inject arbitrary web script via the UserAgent parameter.
Icecast Icecast 1.3.10
Icecast Icecast 1.3.10.1
Icecast Icecast 1.3.8
Icecast Icecast 1.3.9
Icecast Icecast 1.3.11
Icecast Icecast 1.3.12
Icecast Icecast 1.3.9.1
Icecast Icecast 1.3.9.2
Icecast Icecast 1.3.0
Icecast Icecast 1.3.7
Icecast Icecast 1.3.7.1
Icecast Icecast 1.3.5
Icecast Icecast 1.3.5.1
NA
CVE-2022-41952
Synapse prior to 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after `max_spider_size` (default: 10M) bytes have been downloaded, which can i...
Matrix Synapse
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2