Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/24 6:18 p.m.29 views

CVE-2026-49247 Jellyfin: Potential Authenticated path traversal in /ClientLog/Document

Jellyfin is an open source self hosted media server. From 10.9.0 until 10.11.10, the POST /ClientLog/Document endpoint accepts the Authorization header's Client and Version fields and uses them unsanitized as components of the on-disk filename when persisting client-uploaded log documents. As a...

8.8CVSS0.00344EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52067

Name of the Vulnerable Software and Affected Versions Jellyfin versions 10.9.0 through 10.11.9 Description The POST '/ClientLog/Document' endpoint fails to sanitize the Client and Version fields within the Authorization header when saving client-uploaded log documents to the disk. An authenticate...

8.8CVSS6AI score0.00344EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-5302

Malware in sbrugna...

10CVSS9.4AI score0.00902EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:6 a.m.7 views

CVE-2019-14045

Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130...

10CVSS7.7AI score0.00902EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/24 12:0 a.m.4 views

PT-2023-22823 · Jellyfin · Jellyfin

Name of the Vulnerable Software and Affected Versions: Jellyfin versions 10.8.0 through 10.8.10 Description: The issue is related to a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. This vulnerability can be combined with a cross-site scripting...

8.8CVSS6.8AI score0.01972EPSS
Exploits2References16
Prion
Prion
added 2020/03/05 9:15 a.m.27 views

Buffer overflow

Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130...

10CVSS9.6AI score0.00902EPSS
Exploits0References1
Rows per page
Query Builder