Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
streaming engine vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-31539
Wowza Streaming Engine prior to 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords.
Wowza Streaming Engine
3.6
CVSSv2
CVE-2021-31540
Wowza Streaming Engine up to and including 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configurat...
Wowza Streaming Engine
7.2
CVSSv2
CVE-2019-19455
Wowza Streaming Engine prior to 4.8.5 has Insecure Permissions which may allow a local malicious user to escalate privileges in / usr / local / WowzaStreamingEngine / manager / bin / in the Linux version of the server by writing arbitrary commands in any file and execute them as ...
Wowza Streaming Engine
5
CVSSv2
CVE-2019-19454
An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0.
Wowza Streaming Engine
4.3
CVSSv2
CVE-2019-19456
A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0.
Wowza Streaming Engine
5
CVSSv2
CVE-2017-16922
In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine prior to 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request.
Wowza Streaming Engine
6.4
CVSSv2
CVE-2018-19365
The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.
Wowza Streaming Engine 4.7.4.0.1
7.5
CVSSv2
CVE-2003-0982
Buffer overflow in the authentication module for Cisco ACNS 4.x prior to 4.2.11, and 5.x prior to 5.0.5, allows remote malicious users to execute arbitrary code via a long password.
Cisco Application And Content Networking Software 5.0
Cisco Application And Content Networking Software 5.0.1
Cisco Content Distribution Manager 4650 4.1
Cisco Content Distribution Manager 4670
Cisco Content Engine 560 3.1
Cisco Content Engine 560 4.0
Cisco Content Engine 7320
Cisco Content Engine 7320 2.2 .0
Cisco Content Router 4430
Cisco Content Router 4450
Cisco Application And Content Networking Software 4.2.7
Cisco Application And Content Networking Software 4.2.9
Cisco Content Distribution Manager 4650
Cisco Content Distribution Manager 4650 4.0
Cisco Content Engine 560
Cisco Content Engine 560 2.2 .0
Cisco Content Engine 590 4.0
Cisco Content Engine 590 4.1
Cisco Content Engine Module For Cisco Router 3600 Series
Cisco Content Engine Module For Cisco Router 3700 Series
Cisco Application And Content Networking Software 4.0.3
Cisco Application And Content Networking Software 4.1.1
7.8
CVSSv2
CVE-2010-2824
Unspecified vulnerability on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers allows remote malicious users to cause a denial of ser...
Cisco Ace Module
7.8
CVSSv2
CVE-2010-2823
Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote malicious users to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, an...
Cisco Ace 4710 A3\\(1.0\\)
Cisco Ace 4710 A1\\(8.0\\)
Cisco Ace 4710 A1\\(2.0\\)
Cisco Ace 4710
Cisco Ace 4710 A3\\(2.0\\)
Cisco Ace 4710 A3\\(2.5\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »