Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
media server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-24262
media-server v1.0.0 exists to contain a Use-After-Free (UAF) vulnerability via the sip_uac_stop_timer function at /uac/sip-uac-transaction.c.
Ireader Media-server 1.0.0
5.4
CVSSv3
CVE-2017-16568
Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote malicious users to inject arbitrary web script or HTML via a radio URL.
Logitech Media Server 7.9.0
1 EDB exploit
1 Github repository
NA
CVE-2007-5825
Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and previous versions allows remote malicious users to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or ...
Firefly Media Server 0.2.4
7.5
CVSSv3
CVE-2017-6427
A Buffer Overflow exists in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request.
Evostream Media Server 1.7.1
1 EDB exploit
NA
CVE-2004-0205
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
Avaya Definity One Media Server
Avaya S8100
Avaya Ip600 Media Servers
Microsoft Internet Information Server 4.0
Avaya Modular Messaging Message Storage Server S3400
9.8
CVSSv3
CVE-2018-13416
In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same...
Spirton Universal Media Server 7.1.0
1 EDB exploit
6.5
CVSSv3
CVE-2018-21031
Tautulli versions 2.1.38 and below allows remote malicious users to bypass intended access control in Plex Media Server because the X-Plex-Token is mishandled and can be retrieved from Tautulli. NOTE: Initially, this id was associated with Plex Media Server 1.18.2.2029-36236cc4c ...
Plex Media Server 1.18.2.2029-36236cc4c
NA
CVE-2012-5875
Firefly Media Server 1.0.0.1359 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) pr...
Fireflymediaserver Firefly Media Server 1.0.0.1359
1 EDB exploit
NA
CVE-2007-6148
Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 prior to 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote malicious users to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.
Adobe Connect Enterprise Server
Adobe Flash Media Server 2
NA
CVE-2007-6431
Unspecified vulnerability in Adobe Flash Media Server 2 prior to 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote malicious users to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.
Adobe Flash Media Server 2
Adobe Connect Enterprise Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »