Lucene search
K

170 matches found

Tenable Nessus
Tenable Nessus
added 2022/03/12 12:0 a.m.41 views

openSUSE 15 Security Update : minidlna (openSUSE-SU-2022:0079-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:0079-1 advisory. - A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files. CVE-2022-26505 Note that...

7.4CVSS7.3AI score0.01578EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/11 12:0 a.m.57 views

Security update for minidlna (moderate)

openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2022:0079-1 Rating: moderate References: 1181400 1196814 Cross-References: CVE-2022-26505 CVSS scores: CVE-2022-26505 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports...

7.5CVSS7.6AI score0.01578EPSS
Exploits0References2
OSV
OSV
added 2022/03/10 11:2 p.m.8 views

OPENSUSE-SU-2022:0079-1 Security update for minidlna

This update for minidlna fixes the following issues: minidlna was updated to version 1.3.1 boo1196814 - Fixed a potential crash in SSDP request parsing. - Fixed a configure script failure on some platforms. - Protect against DNS rebinding attacks. CVE-2022-26505 - Fix an socket leakage issue on...

7.4CVSS7.6AI score0.01578EPSS
Exploits0References4
CNVD
CNVD
added 2022/03/08 12:0 a.m.24 views

ReadyMedia has unspecified vulnerabilities

ReadyMedia formerly MiniDLNA is a set of media service software compatible with LNA/UPnP-AV clients. The software supports media files such as music, pictures, videos, etc. A security vulnerability in DNS exists in versions of ReadyMedia formerly MiniDLNA prior to 1.3.1, which stems from a DNS...

7.4CVSS3.3AI score0.01578EPSS
Exploits0References1
OSV
OSV
added 2022/03/06 7:15 a.m.2 views

DEBIAN-CVE-2022-26505

A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...

7.4CVSS7.4AI score0.01578EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/06 7:15 a.m.2 views

CVE-2022-26505

A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files...

7.4CVSS7.1AI score0.01578EPSS
Exploits0References6
CVE
CVE
added 2022/03/06 12:0 a.m.149 views

CVE-2022-26505

CVE-2022-26505 affects ReadyMedia (MiniDLNA) prior to 1.3.1. A DNS rebinding flaw lets a remote web server exfiltrate media files. Public advisories (Debian, Gentoo GLSA, openSUSE, Ubuntu USN) show affected versions range up to 1.3.1 and note updates/patches (e.g., Debian DLA-2973 fixes in 1.1.6+...

7.4CVSS7.2AI score0.01578EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2020-0483)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.15193EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2021/02/05 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4722-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.15193EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.50 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : ReadyMedia (MiniDLNA) vulnerabilities (USN-4722-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4722-1 advisory. It was discovered that ReadyMedia MiniDLNA allowed subscription requests with a delivery URL on a different network segment than...

9.8CVSS7.3AI score0.15193EPSS
Exploits4References3
Debian
Debian
added 2021/01/05 8:58 p.m.14 views

[SECURITY] [DSA 4806-2] minidlna regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4806-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 05, 2021 https://www.debian.org/security/faq -...

2.3AI score
Exploits0
Debian
Debian
added 2021/01/05 8:58 p.m.49 views

[SECURITY] [DSA 4806-2] minidlna regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4806-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 05, 2021 https://www.debian.org/security/faq -...

6.8AI score
Exploits0
OSV
OSV
added 2021/01/05 12:0 a.m.15 views

DSA-4806-2 minidlna - regression update

Bulletin has no description...

7.2AI score
Exploits0
Mageia
Mageia
added 2020/12/31 2:32 p.m.50 views

Updated minidlna packages fix security vulnerabilities

It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...

9.8CVSS1.5AI score0.15193EPSS
Exploits4References2
OSV
OSV
added 2020/12/31 2:32 p.m.10 views

MGASA-2020-0483 Updated minidlna packages fix security vulnerabilities

It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...

9.8CVSS8.1AI score0.15193EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2020/12/14 12:0 a.m.21 views

Debian: Security Advisory (DLA-2489-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.15193EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2020/12/11 12:0 a.m.38 views

Debian DLA-2489-1 : minidlna security update

It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server could result in the execution of arbitrary code. In addition minidlna was susceptible to the 'CallStranger' UPnP vulnerability. For Debian 9 stretch, these problems have been fixed in version...

9.8CVSS7AI score0.15193EPSS
Exploits4References5
Debian
Debian
added 2020/12/10 9:27 p.m.47 views

[SECURITY] [DLA 2489-1] minidlna security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2489-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 10, 2020 https://wiki.debian.org/LTS -...

9.8CVSS8.5AI score0.15193EPSS
Exploits4
OSV
OSV
added 2020/12/10 3:24 p.m.10 views

OPENSUSE-SU-2020:2226-1 Security update for minidlna

This update for minidlna fixes the following issues: minidlna was updated to version 1.3.0 boo1179447 - Fixed some build warnings when building with musl. - Use $USER instead of $LOGNAME for the default friendly name. - Fixed build with GCC 10 - Fixed some warnings from newer compilers - Disallow...

9.8CVSS7.7AI score0.15193EPSS
Exploits4References4
OPENSUSE Linux
OPENSUSE Linux
added 2020/12/10 12:0 a.m.44 views

Security update for minidlna (moderate)

openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2020:2226-1 Rating: moderate References: 1179447 Cross-References: CVE-2020-12695 CVE-2020-28926 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now available...

9.8CVSS7.3AI score0.15193EPSS
Exploits4References1
Rows per page
Query Builder