Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
media server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-40016
Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows malicious users to cause a denial of service.
Media-server Project Media-server
NA
CVE-2006-4290
Directory traversal vulnerability in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x prior to 20060626 allows remote malicious users to gain sensitive information via unspecified vectors.
Sony Vaio Media Server 4.0
Sony Vaio Media Server 5.0
Sony Vaio Media Server 2.0
Sony Vaio Media Server 3.0
NA
CVE-2006-4289
Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x prior to 20060626 allows remote malicious users to execute arbitrary code via unspecified vectors.
Sony Vaio Media Server 5.0
Sony Vaio Media Server 2.0
Sony Vaio Media Server 3.0
Sony Vaio Media Server 4.0
7.8
CVSSv3
CVE-2018-3697
Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.
Intel Media Server Studio 2016
Intel Media Server Studio 2017
Intel Media Server Studio 2015
NA
CVE-2005-4216
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote malicious users to cause a denial of service (application crash) via a malformed request with a single character to port 1111.
Macromedia Flash Media Server 2.0
Macromedia Flash Media Server 2.0 R1145
1 EDB exploit
NA
CVE-2008-5109
The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote malicious users to make copies of video content via stream-capture software.
Adobe Flash Media Server 3.0
Adobe Flash Media Server 3.5
NA
CVE-2004-1050
Heap-based buffer overflow in Internet Explorer 6 allows remote malicious users to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or...
Avaya Ip600 Media Servers
Avaya Ip600 Media Servers R10
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
Avaya Definity One Media Server R8
Avaya Definity One Media Server R9
Avaya S3400
Avaya S8100 R8
Avaya S8100 R9
Avaya Ip600 Media Servers R8
Avaya Ip600 Media Servers R9
Avaya Definity One Media Server R6
Avaya Definity One Media Server R7
Avaya S8100 R6
Avaya S8100 R7
Avaya Ip600 Media Servers R6
Avaya Ip600 Media Servers R7
Avaya Definity One Media Server R11
Avaya Definity One Media Server R12
Avaya S8100 R11
Avaya S8100 R12
Avaya Ip600 Media Servers R11
1 EDB exploit
9.8
CVSSv3
CVE-2018-8914
SQL injection vulnerability in UPnP DMA in Synology Media Server prior to 1.7.6-2842 and prior to 1.4-2654 allows remote malicious users to execute arbitrary SQL commands via the ObjectID parameter.
Synology Media Server
NA
CVE-2014-9304
Plex Media Server prior to 0.9.9.3 allows remote malicious users to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handl...
Plex Media Server
1 EDB exploit
NA
CVE-2007-5824
webserver.c in mt-dappd in Firefly Media Server 0.2.4 and previous versions allows remote malicious users to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in ...
Firefly Media Server
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »