VYPR
Vendor

Avid

Products
6
CVEs
5
Across products
8
Status
Private

Products

6

Recent CVEs

5
  • CVE-2024-26293HigJul 14, 2025
    risk 0.57cvss epss 0.00

    The Avid Nexis Agent uses a vulnerable gSOAP version. An undocumented vulnerability impacting gSOAP v2.8 makes the application vulnerable to an Unauthenticated Path Traversal vulnerability. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before…

  • CVE-2024-26291HigJul 14, 2025
    risk 0.57cvss epss 0.01

    An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges (root/NT_AUTHORITY SYSTEM) by…

  • CVE-2024-26290HigMar 12, 2025
    risk 0.57cvss epss 0.00

    Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance (SDA+) on Linux allows code execution on underlying operating system with root permissions.This issue…

  • CVE-2024-26292HigJul 14, 2025
    risk 0.46cvss epss 0.00

    An authenticated Arbitrary File Deletion vulnerability enables an attacker to delete critical files. This issue affects Avid NEXIS E-series: before 2025.5.1; Avid NEXIS F-series: before 2025.5.1; Avid NEXIS PRO+: before 2025.5.1; System Director Appliance (SDA+): before 2025.5.1.

  • CVE-2011-5003Dec 25, 2011
    risk 0.08cvss epss 0.63

    Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer 5.5.3 and earlier allows remote attackers to execute arbitrary code via a long request to TCP port 4659.