Lucene search
K

170 matches found

Vulnrichment
Vulnrichment
added 2023/06/28 12:0 a.m.11 views

CVE-2021-25827

Emby Server 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address...

6.5AI score0.01497EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/28 12:0 a.m.18 views

CVE-2021-25827

Emby Server 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address...

9.3AI score0.01497EPSS
Exploits1References3
NVD
NVD
added 2023/05/30 6:16 a.m.25 views

CVE-2023-33193

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS9.3AI score0.01713EPSS
Exploits0References1
Prion
Prion
added 2023/05/30 6:16 a.m.18 views

Design/Logic Flaw

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

6.4CVSS9.1AI score0.01713EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/30 5:24 a.m.8 views

CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS6.9AI score0.01713EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/30 5:24 a.m.34 views

CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS9.5AI score0.01713EPSS
Exploits0References1
OSV
OSV
added 2023/05/30 5:24 a.m.23 views

CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS8.7AI score0.01713EPSS
Exploits1References3
CVE
CVE
added 2023/05/30 5:24 a.m.55 views

CVE-2023-33193

Emby Server Authentication Bypass (CVE-2023-33193): A proxy-header spoofing flaw allows login without a password or viewing accounts if reverse-proxy headers are mishandled, affecting publicly accessible servers with weak admin login settings. Root cause: spoofed headers misclassify local/non-loc...

9.1CVSS9.3AI score0.01713EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.4 views

Emby Server 环境问题漏洞

Emby Server is a powerful media server for individual developers. The product can be used primarily for integrated multimedia editing such as video audio and photos. A security vulnerability exists in Emby Server versions prior to 4.7.12, which originates from a determination that may affect...

9.1CVSS8.2AI score0.01713EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.9 views

PT-2023-24210

Name of the Vulnerable Software and Affected Versions Emby Server versions prior to 4.7.12 Emby Server Beta versions prior to 4.8.31 Description This issue may allow administrative access to an Emby Server system, depending on certain user account settings. By spoofing certain headers intended fo...

9.1CVSS9.1AI score0.01713EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2023/05/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-33193

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS7.3AI score0.01713EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/12/21 12:0 a.m.17 views

Emby Server <= 4.7.11 XSS Vulnerability

Emby Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.1AI score0.0041EPSS
Exploits0References1
CNVD
CNVD
added 2022/12/20 12:0 a.m.3 views

Emby Server Cross-Site Scripting Vulnerability (CNVD-2025-20435)

Emby Server is a personal media server software that supports storing, managing, and streaming personal media content with support for multiple device access. A cross-site scripting vulnerability exists in Emby Server, which stems from the lack of effective filtering and escaping of user-supplied...

6.1CVSS6.2AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2022/12/16 2:15 p.m.15 views

CVE-2022-36223

In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...

6.1CVSS0.0041EPSS
Exploits0References2
Prion
Prion
added 2022/12/16 2:15 p.m.17 views

Design/Logic Flaw

In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...

5.8CVSS5.9AI score0.0041EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/16 12:0 a.m.60 views

CVE-2022-36223

Emby Server 4.6.7.0 is affected by a stored XSS in the playlist name field that can be exploited to steal the administrator access token and take over the media server administrator account. The issue is documented across multiple sources (NVD, Red Hat, CNVD, OSV, etc.). Public exploit details ar...

6.1CVSS5.9AI score0.0041EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/16 12:0 a.m.4 views

CVE-2022-36223

In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...

5.8AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.8 views

PT-2022-23265 · Emby · Emby Server

Name of the Vulnerable Software and Affected Versions: Emby Server version 4.6.7.0 Description: The issue affects the playlist name field, which is vulnerable to stored XSS. This vulnerability allows for the potential theft of the administrator access token, enabling attackers to either flip or...

6.1CVSS6AI score0.0041EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/12/16 12:0 a.m.22 views

CVE-2022-36223

In Emby Server 4.6.7.0, the playlist name field is vulnerable to XSS stored where it is possible to steal the administrator access token and flip or steal the media server administrator account...

6.1AI score0.0041EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/16 12:0 a.m.6 views

Emby Server 跨站脚本漏洞

Emby Server is a personal media server software that supports storing, managing, and streaming personal media content with support for multiple device access. A cross-site scripting vulnerability exists in Emby Server, which stems from the lack of effective filtering and escaping of user-supplied...

6.1CVSS5.9AI score0.0041EPSS
Exploits0References2
Rows per page
Query Builder