Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
streaming media vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0349
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote malicious users to execute arbitrary code via a large POST request to...
Microsoft Windows 2000
3 EDB exploits
NA
CVE-2007-0064
Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote malicious users to execute arbitrary code via a crafted Advanced Systems ...
Microsoft Windows Media Format Runtime 7.1
Microsoft Windows Media Format Runtime 9
Microsoft Windows Media Format Runtime 9.5
Microsoft Windows Media Format Runtime 11
Microsoft Windows Media Services 9.1
7.2
CVSSv3
CVE-2021-34362
A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote malicious users to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming...
Qnap Media Streaming Add-on
7.5
CVSSv3
CVE-2017-9793
The REST Plugin in Apache Struts 2.1.x, 2.3.7 up to and including 2.3.33 and 2.5 up to and including 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.
Apache Struts 2.5.10.1
Apache Struts 2.3.12
Apache Struts 2.3.13
Apache Struts 2.3.15.2
Apache Struts 2.3.15.3
Apache Struts 2.3.16
Apache Struts 2.3.20.1
Apache Struts 2.3.20.2
Apache Struts 2.3.26
Apache Struts 2.3.27
Apache Struts 2.5
Apache Struts 2.5.5
Apache Struts 2.5.6
Apache Struts 2.3.8
Apache Struts 2.3.9
Apache Struts 2.3.14.2
Apache Struts 2.3.14.3
Apache Struts 2.3.16.3
Apache Struts 2.3.17
Apache Struts 2.3.23
Apache Struts 2.3.24.2
Apache Struts 2.3.29
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2017-9804
In Apache Struts 2.3.7 up to and including 2.3.33 and 2.5 up to and including 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing v...
Apache Struts 2.5.12
Apache Struts 2.3.7
Apache Struts 2.3.14.1
Apache Struts 2.3.14.2
Apache Struts 2.3.16.1
Apache Struts 2.3.16.2
Apache Struts 2.3.21
Apache Struts 2.3.22
Apache Struts 2.3.28.1
Apache Struts 2.3.29
Apache Struts 2.5
Apache Struts 2.5.7
Apache Struts 2.5.8
Apache Struts 2.3.10
Apache Struts 2.3.11
Apache Struts 2.3.12
Apache Struts 2.3.15.1
Apache Struts 2.3.15.2
Apache Struts 2.3.19
Apache Struts 2.3.20
Apache Struts 2.3.25
Apache Struts 2.3.26
1 Github repository
1 Article
5.3
CVSSv3
CVE-2018-6922
One of the data structures that holds TCP segments in all versions of FreeBSD before 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number...
Freebsd Freebsd 10.4
Freebsd Freebsd 11.1
Freebsd Freebsd 11.2
7.8
CVSSv3
CVE-2016-5195
Race condition in mm/gup.c in the Linux kernel 2.x up to and including 4.x prior to 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka ...
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Tus 6.5
Redhat Enterprise Linux Eus 6.7
Redhat Enterprise Linux Long Life 5.6
Redhat Enterprise Linux Aus 6.4
Redhat Enterprise Linux 5
Redhat Enterprise Linux Long Life 5.9
Redhat Enterprise Linux Aus 6.2
Redhat Enterprise Linux Eus 7.1
Redhat Enterprise Linux Eus 6.6
Redhat Enterprise Linux Aus 6.5
Debian Debian Linux 8.0
Debian Debian Linux 7.0
5 EDB exploits
177 Github repositories
6 Articles
7.5
CVSSv3
CVE-2021-28899
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media prior to 2021.3.16.
9.8
CVSSv3
CVE-2020-36195
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote malicious users to obtain application information. QNAP has already fixed this vulnerability in the followin...
Qnap Qts
Qnap Qts 4.3.3
Qnap Qts 4.3.3.0095
Qnap Qts 4.3.3.0096
Qnap Qts 4.3.3.0136
Qnap Qts 4.3.3.0154
Qnap Qts 4.3.3.0174
Qnap Qts 4.3.3.0188
Qnap Qts 4.3.3.0210
Qnap Qts 4.3.3.0229
Qnap Qts 4.3.3.0238
Qnap Qts 4.3.3.0262
Qnap Qts 4.3.3.0299
Qnap Qts 4.3.3.0351
Qnap Qts 4.3.3.0353
Qnap Qts 4.3.3.0361
Qnap Qts 4.3.3.0369
Qnap Qts 4.3.3.0378
Qnap Qts 4.3.3.0396
Qnap Qts 4.3.3.0404
Qnap Qts 4.3.3.0416
Qnap Qts 4.3.3.0418
6.5
CVSSv3
CVE-2017-7638
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.
Qnap Media Streaming Add-on
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »