Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
media server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-51443
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to D...
Freeswitch Freeswitch
NA
CVE-2023-48702
Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the `/System/MediaEncoder/Path` endpoint executes an arbitrary file using `ProcessStartInfo` via the `ValidateVersion` function. A malicious administrator can setup a network share and supply a UNC p...
Jellyfin Jellyfin
NA
CVE-2023-49279
Umbraco is an ASP.NET content management system (CMS). Starting in version 7.0.0 and prior to versions 7.15.11, 8.18.9, 10.7.0, 11.5.0, and 12.2.0, a user with access to the backoffice can upload SVG files that include scripts. If the user can trick another user to load the media...
Umbraco Umbraco Cms
NA
CVE-2023-21740
Windows Media Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 1809
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2022 23h2
NA
CVE-2023-5875
Mattermost Desktop fails to correctly handle permissions or prompt the user for consent on certain sensitive ones allowing media exploitation from a malicious mattermost server
Mattermost Mattermost Desktop
NA
CVE-2023-36710
Windows Media Foundation Core Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 22h2
Microsoft Windows 10 1809
Microsoft Windows 10 21h2
Microsoft Windows 10 1507
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 1607
NA
CVE-2023-43662
ShokoServer is a media server which specializes in organizing anime. In affected versions the `/api/Image/WithPath` endpoint is accessible without authentication and is supposed to return default server images. The endpoint accepts the parameter `serverImagePath`, which is not sa...
Shokoanime Shokoserver
NA
CVE-2023-26961
Alteryx Server 2022.1.1.42590 does not employ file type verification for uploaded files. This vulnerability allows malicious users to upload arbitrary files (e.g., JavaScript content for stored XSS) via the type field in a JSON document within a PUT /gallery/api/media request.
Alteryx Alteryx Server 2022.1.1.42590
NA
CVE-2023-4167
A vulnerability was found in Media Browser Emby Server 4.7.13.0 and classified as problematic. This issue affects some unknown processing of the file /web/. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
Emby Emby.releases 4.7.13.0
NA
CVE-2023-20216
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local malicious user to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. A...
Cisco Broadworks Application Server
Cisco Broadworks Application Delivery Platform
Cisco Broadworks Network Server
Cisco Broadworks Profile Server
Cisco Broadworks Xtended Services Platform
Cisco Broadworks Troubleshooting Server
Cisco Broadworks Network Function Manager
Cisco Broadworks Network Database Server
Cisco Broadworks Execution Server
Cisco Broadworks Database Server
Cisco Broadworks Service Control Function Server
Cisco Broadworks Media Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »