NotCVE - vendor:"Logitech" product:"Media Server" version:"7.9.0"

5 results (0.005 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-5742

https://notcve.org/view.php?id=CVE-2020-5742

15 Jun 2020 — Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests. Un Control de Acceso Inapropiado en Plex Media Server antes del 15 de junio de 2020, permite que cualquier origen ejecute peticiones de aplicaciones de origen cruzado • https://www.tenable.com/security/research/tra-2020-35 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3

CVE-2017-16567 – Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-16567

07 Nov 2017 — Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a "favorite." Una vulnerabilidad Cross-Site Scripting (XSS) en Logitech Media Server 7.9.0 permite que atacantes remotos inyecten scripts web o HTML arbitrarios a través de "favorite". Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently ... • https://packetstorm.news/files/id/144906 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3

CVE-2017-16568 – Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-16568

07 Nov 2017 — Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a radio URL. Una vulnerabilidad Cross-Site Scripting (XSS) en Logitech Media Server 7.9.0 permite que atacantes remotos inyecten scripts web o HTML arbitrarios a través de una URL radio. Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows attackers to inject malicious JavaScrip... • https://packetstorm.news/files/id/144906 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 1

CVE-2017-15687 – Logitech Media Server - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-15687

23 Oct 2017 — DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI. Existe Cross-Site Scripting (XSS) basado en DOM en Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0 y 7.9.1 mediante una URI manipulada. • https://www.exploit-db.com/exploits/43024 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 2

CVE-2007-6036 – LIVE555 Media Server 2007.11.1 - ParseRTSPRequestString Remote Denial of Service

https://notcve.org/view.php?id=CVE-2007-6036

20 Nov 2007 — The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation. La función parseRTSPRequestString en LIVE555 Media Server 2007.11.01 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de una consulta pequeña RTSP, lo cual deriba en un número negativo para ser usado a lo largo de loc... • https://www.exploit-db.com/exploits/30776 • CWE-20: Improper Input Validation •