ReportizFlow
Filtered by vendor Wowza
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19453 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | 5.4 Medium |
| Wowza Streaming Engine before 4.8.5 allows XSS (issue 1 of 2). An authenticated user, with access to the proxy license editing is able to insert a malicious payload that will be triggered in the main page of server settings. This issue was resolved in Wowza Streaming Engine 4.8.5. | ||||
| CVE-2018-7049 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | N/A |
| An issue was discovered in Wowza Streaming Engine before 4.7.1. There is an XSS vulnerability in the HTTP providers (com.wowza.wms.http.HTTPProviderMediaList and com.wowza.wms.http.streammanager.HTTPStreamManager) causing script injection and/or reflection via a crafted HTTP request. | ||||
| CVE-2018-7048 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | N/A |
| An issue was discovered in Wowza Streaming Engine before 4.7.1. There is a denial of service (memory consumption) via a crafted HTTP request. | ||||
| CVE-2018-7047 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | N/A |
| An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well). | ||||
| CVE-2018-19365 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | 9.1 Critical |
| The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request. | ||||
| CVE-2017-16922 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | N/A |
| In com.wowza.wms.timedtext.http.HTTPProviderCaptionFile in Wowza Streaming Engine before 4.7.1, traversal of the directory structure and retrieval of a file are possible via a remote, specifically crafted HTTP request. | ||||