Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
streaming engine vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-7047
An issue exists in the MBeans Server in Wowza Streaming Engine prior to 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).
Wowza Streaming Engine
6.1
CVSSv3
CVE-2018-7049
An issue exists in Wowza Streaming Engine prior to 4.7.1. There is an XSS vulnerability in the HTTP providers (com.wowza.wms.http.HTTPProviderMediaList and com.wowza.wms.http.streammanager.HTTPStreamManager) causing script injection and/or reflection via a crafted HTTP request.
Wowza Streaming Engine
5.3
CVSSv3
CVE-2017-16922
In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine prior to 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request.
Wowza Streaming Engine
6.5
CVSSv3
CVE-2021-35492
Wowza Streaming Engine up to and including 4.8.11+5 could allow an authenticated, remote malicious user to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resour...
Wowza Streaming Engine
1 Github repository
6.5
CVSSv3
CVE-2019-7654
Wowza Streaming Engine 4.8.0 and previous versions suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding another admin user via enginemanager/server/user/edit.htm in the Server-&g...
Wowza Streaming Engine
7.8
CVSSv3
CVE-2019-7656
A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and previous versions allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/* core program files. By injecting a pay...
Wowza Streaming Engine
9.1
CVSSv3
CVE-2018-19365
The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.
Wowza Streaming Engine 4.7.4.0.1
NA
CVE-2003-0982
Buffer overflow in the authentication module for Cisco ACNS 4.x prior to 4.2.11, and 5.x prior to 5.0.5, allows remote malicious users to execute arbitrary code via a long password.
Cisco Application And Content Networking Software 5.0
Cisco Application And Content Networking Software 5.0.1
Cisco Content Distribution Manager 4650 4.1
Cisco Content Distribution Manager 4670
Cisco Content Engine 560 3.1
Cisco Content Engine 560 4.0
Cisco Content Engine 7320
Cisco Content Engine 7320 2.2 .0
Cisco Content Router 4430
Cisco Content Router 4450
Cisco Application And Content Networking Software 4.2.7
Cisco Application And Content Networking Software 4.2.9
Cisco Content Distribution Manager 4650
Cisco Content Distribution Manager 4650 4.0
Cisco Content Engine 560
Cisco Content Engine 560 2.2 .0
Cisco Content Engine 590 4.0
Cisco Content Engine 590 4.1
Cisco Content Engine Module For Cisco Router 3600 Series
Cisco Content Engine Module For Cisco Router 3700 Series
Cisco Application And Content Networking Software 4.0.3
Cisco Application And Content Networking Software 4.1.1
NA
CVE-2010-2824
Unspecified vulnerability on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers allows remote malicious users to cause a denial of ser...
Cisco Ace Module
NA
CVE-2010-2823
Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote malicious users to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, an...
Cisco Ace 4710 A3\\(1.0\\)
Cisco Ace 4710 A1\\(8.0\\)
Cisco Ace 4710 A1\\(2.0\\)
Cisco Ace 4710
Cisco Ace 4710 A3\\(2.0\\)
Cisco Ace 4710 A3\\(2.5\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »