Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
streaming media vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47220
An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Media Streaming ...
NA
CVE-2024-27072
In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led to a deadlock as reported here: https://syzkaller.appspot.com/x/bisect.txt?x=166dc...
NA
CVE-2023-47222
An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Media...
NA
CVE-2024-32656
Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 up to and including 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerab...
NA
CVE-2023-52589
In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ disable race issue In rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the interrupts and then apparently assumes that the interrupt handler won't be running, and proceeds i...
NA
CVE-2023-48702
Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the `/System/MediaEncoder/Path` endpoint executes an arbitrary file using `ProcessStartInfo` via the `ValidateVersion` function. A malicious administrator can setup a network share and supply a UNC p...
Jellyfin Jellyfin
NA
CVE-2023-49096
Jellyfin is a Free Software Media System for managing and streaming media. In affected versions there is an argument injection in the VideosController, specifically the `/Videos/<itemId>/stream` and `/Videos/<itemId>/stream.<container>` endpoints which are prese...
Jellyfin Jellyfin
NA
CVE-2023-23369
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1...
Qnap Qts 5.1.0.2348
Qnap Qts 4.3.6.1831
Qnap Qts 4.3.6.1750
Qnap Qts 4.3.6.1711
Qnap Qts 4.3.6.1663
Qnap Qts 4.3.6.2050
Qnap Qts 4.3.6.1965
Qnap Qts 4.3.6.1907
Qnap Qts 4.3.6.2232
Qnap Qts 4.3.6.1620
Qnap Qts 4.3.6.1446
Qnap Qts 4.3.6.1411
Qnap Qts 4.3.6.1333
Qnap Qts 4.3.6.1286
Qnap Qts 4.3.6.1263
Qnap Qts 4.3.6.1218
Qnap Qts 4.3.6.1154
Qnap Qts 4.3.6.1070
Qnap Qts 4.3.6.1033
Qnap Qts 4.3.6.1013
Qnap Qts 4.3.6.0993
Qnap Qts 4.3.6.0979
NA
CVE-2023-32322
Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions before 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process ...
Ombi Ombi
NA
CVE-2022-41952
Synapse prior to 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after `max_spider_size` (default: 10M) bytes have been downloaded, which can i...
Matrix Synapse
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »