Media Server
by Avaya
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-5741 | 0.18 | — | 0.73 | KEV | May 8, 2020 | Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code. | ||
| CVE-2007-2374 | 0.01 | — | 0.17 | Apr 30, 2007 | Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is… | |||
| CVE-2022-40016 | 0.00 | — | 0.01 | Feb 15, 2023 | Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service. | |||
| CVE-2021-33959 | 0.00 | — | 0.15 | Jan 18, 2023 | Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. | |||
| CVE-2022-27614 | 0.00 | — | 0.01 | Jul 28, 2022 | Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors. | |||
| CVE-2021-34808 | 0.00 | — | 0.01 | Jun 18, 2021 | Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors. |
- risk 0.18cvss —epss 0.73
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.
- CVE-2007-2374Apr 30, 2007risk 0.01cvss —epss 0.17
Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is…
- CVE-2022-40016Feb 15, 2023risk 0.00cvss —epss 0.01
Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service.
- CVE-2021-33959Jan 18, 2023risk 0.00cvss —epss 0.15
Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.
- CVE-2022-27614Jul 28, 2022risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors.
- CVE-2021-34808Jun 18, 2021risk 0.00cvss —epss 0.01
Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.