Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
streaming media vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-6922
One of the data structures that holds TCP segments in all versions of FreeBSD before 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number...
Freebsd Freebsd 10.4
Freebsd Freebsd 11.1
Freebsd Freebsd 11.2
10
CVSSv2
CVE-2017-7640
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions allows remote malicious users to run arbitrary OS commands against the system with root privileges.
Qnap Media Streaming Add-on
6.8
CVSSv2
CVE-2017-7641
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions does not utilize CSRF protections.
Qnap Media Streaming Add-on
4.3
CVSSv2
CVE-2017-7634
Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions allows remote malicious users to inject arbitrary web script or HTML. The injected code will only be triggered by a crafted link, not the no...
Qnap Media Streaming Add-on
6.4
CVSSv2
CVE-2017-7638
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.
Qnap Media Streaming Add-on
5
CVSSv2
CVE-2017-9804
In Apache Struts 2.3.7 up to and including 2.3.33 and 2.5 up to and including 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing v...
Apache Struts 2.5.12
Apache Struts 2.3.7
Apache Struts 2.3.14.1
Apache Struts 2.3.14.2
Apache Struts 2.3.16.1
Apache Struts 2.3.16.2
Apache Struts 2.3.21
Apache Struts 2.3.22
Apache Struts 2.3.28.1
Apache Struts 2.3.29
Apache Struts 2.5
Apache Struts 2.5.7
Apache Struts 2.5.8
Apache Struts 2.3.10
Apache Struts 2.3.11
Apache Struts 2.3.12
Apache Struts 2.3.15.1
Apache Struts 2.3.15.2
Apache Struts 2.3.19
Apache Struts 2.3.20
Apache Struts 2.3.25
Apache Struts 2.3.26
1 Github repository
1 Article
7.5
CVSSv2
CVE-2017-12611
In Apache Struts 2.0.0 up to and including 2.3.33 and 2.5 up to and including 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
Apache Struts 2.0.3
Apache Struts 2.0.5
Apache Struts 2.0.11.1
Apache Struts 2.0.12
Apache Struts 2.1.4
Apache Struts 2.1.6
Apache Struts 2.2.3
Apache Struts 2.3.1
Apache Struts 2.3.6
Apache Struts 2.3.8
Apache Struts 2.3.14.1
Apache Struts 2.3.14.3
Apache Struts 2.3.16
Apache Struts 2.3.16.2
Apache Struts 2.3.17
Apache Struts 2.3.21
Apache Struts 2.0.1
Apache Struts 2.0.2
Apache Struts 2.0.14
Apache Struts 2.1.0
Apache Struts 2.1.1
Apache Struts 2.1.2
1 Github repository
1 Article
5
CVSSv2
CVE-2017-9793
The REST Plugin in Apache Struts 2.1.x, 2.3.7 up to and including 2.3.33 and 2.5 up to and including 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.
Apache Struts 2.5.10.1
Apache Struts 2.3.12
Apache Struts 2.3.13
Apache Struts 2.3.15.2
Apache Struts 2.3.15.3
Apache Struts 2.3.16
Apache Struts 2.3.20.1
Apache Struts 2.3.20.2
Apache Struts 2.3.26
Apache Struts 2.3.27
Apache Struts 2.5
Apache Struts 2.5.5
Apache Struts 2.5.6
Apache Struts 2.3.8
Apache Struts 2.3.9
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.3
Apache Struts 2.3.17
Apache Struts 2.3.23
Apache Struts 2.3.24.2
Apache Struts 2.3.29
3 Github repositories
1 Article
6.8
CVSSv2
CVE-2017-9805
The REST Plugin in Apache Struts 2.1.1 up to and including 2.3.x prior to 2.3.34 and 2.5.x prior to 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Apache Struts 2.1.8
Apache Struts 2.1.8.1
Apache Struts 2.3.1.2
Apache Struts 2.3.3
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.2
Apache Struts 2.3.16.3
Apache Struts 2.3.28
Apache Struts 2.3.28.1
Apache Struts 2.5.3
Apache Struts 2.5.4
Apache Struts 2.5.10.1
Apache Struts 2.5.11
Apache Struts 2.1.2
Apache Struts 2.2.1
Apache Struts 2.2.1.1
Apache Struts 2.3.4
Apache Struts 2.3.4.1
Apache Struts 2.3.15
Apache Struts 2.3.15.1
Apache Struts 2.3.20
1 EDB exploit
18 Github repositories
3 Articles
7.5
CVSSv2
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »