Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wowza streaming engine vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-7654
Wowza Streaming Engine 4.8.0 and previous versions suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding another admin user via enginemanager/server/user/edit.htm in the Server-&g...
Wowza Streaming Engine
312
VMScore
CVE-2019-7655
Wowza Streaming Engine 4.8.0 and previous versions from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security...
Wowza Streaming Engine
641
VMScore
CVE-2019-7656
A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and previous versions allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/* core program files. By injecting a pay...
Wowza Streaming Engine
668
VMScore
CVE-2018-7047
An issue exists in the MBeans Server in Wowza Streaming Engine prior to 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).
Wowza Streaming Engine
445
VMScore
CVE-2018-7048
An issue exists in Wowza Streaming Engine prior to 4.7.1. There is a denial of service (memory consumption) via a crafted HTTP request.
Wowza Streaming Engine
383
VMScore
CVE-2018-7049
An issue exists in Wowza Streaming Engine prior to 4.7.1. There is an XSS vulnerability in the HTTP providers (com.wowza.wms.http.HTTPProviderMediaList and com.wowza.wms.http.streammanager.HTTPStreamManager) causing script injection and/or reflection via a crafted HTTP request.
Wowza Streaming Engine
570
VMScore
CVE-2018-19365
The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.
Wowza Streaming Engine 4.7.4.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2