Plex Media Server < 1.21.3.4014 DoS Vulnerability

Plex Media Server is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2021-33959

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service...

CVE-2021-33959

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service...

Design/Logic Flaw

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service...

CVE-2021-33959

Summary: Multiple sources report a DoS/reflection vulnerability in Plex Media Server affecting version 1.21 and earlier (with OpenVAS citing &lt;1.21.3.4014). The Red Hat and CNNVD entries align on “Plex media server … ddos reflection attack via plex service.” The issue is described as an access-...

PT-2023-12231

Name of the Vulnerable Software and Affected Versions Plex media server versions 1.21 and earlier Description The issue concerns a ddos reflection attack that can be launched via the plex service. Recommendations For Plex media server versions 1.21 and earlier, update to a version later than 1.21...

CVE-2021-33959

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service...

CVE-2021-33959

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service...

Plex media server 访问控制错误漏洞

Plex media server is a media player from Plex. An access control error vulnerability exists in Plex media server version 1.21 and prior versions, which can be exploited in a distributed denial of service attack via the plex service...

A week in security (August 22 - August 28)

Last week on Malwarebytes Labs: Cryptojackers growing in numbers and sophistication CISA wants you to patch these actively exploited vulnerabilities before September 8 Reddit users crowdsourcing explicit images and identities Criminals socially engineer their way to bank details with fake arrest...

Plex Breach – Streaming Giant Issues Mass Password Reset to Millions

By Deeba Ahmed Plex has implemented a mass password reset after hackers stole usernames, email addresses, and encrypted passwords of 15 to 30 million of its customers. This is a post from HackRead.com Read the original post: Plex Breach - Streaming Giant Issues Mass Password Reset to Millions...

MAL-2022-3748 Malicious code in ibm-plex (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9a08863644080b69fd27e2ddd5b80b60066ae62b1e042323f1d6f2c043998b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ibm-plex (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9a08863644080b69fd27e2ddd5b80b60066ae62b1e042323f1d6f2c043998b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

cfsshtunnel (>=0.1.7 <=0.2.1), click-reviewers-tools (>=0.70.0 <=0.84.0) +2 more potentially affected by CVE-2019-15796 via python-apt (=0.7.8)

python-apt PYPI version =0.7.8 is affected by a known vulnerability. The following packages have a transitive dependency on python-apt and may be impacted: - cfsshtunnel =0.1.7, =0.70.0, =0.84.0 - craft-parts =1.19.8 - plex-updater =0.1.0 Source cves: CVE-2019-15796 Source advisory:...

cfsshtunnel (>=0.1.7 <=0.2.1), click-reviewers-tools (>=0.70.0 <=0.84.0) +2 more potentially affected by CVE-2019-15795 via python-apt (=0.7.8)

python-apt PYPI version =0.7.8 is affected by a known vulnerability. The following packages have a transitive dependency on python-apt and may be impacted: - cfsshtunnel =0.1.7, =0.70.0, =0.84.0 - craft-parts =1.19.8 - plex-updater =0.1.0 Source cves: CVE-2019-15795 Source advisory:...

Plex Media Server < 1.25.0.5282 Privilege Escalation

According to its self-reported version number, the version of Plex Media Server installed on the remote Windows host is prior to 1.25.0.5282. It is, therefore, affected by a privilege escalation vulnerability. A local, authenticated user can exploit this to gain elevated privileges. Note that...

Plex Media Server < 1.25.0 Privilege Escalation Vulnerability

Plex Media Server is prone to a privilege escalation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2021-42835

An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...

CVE-2021-42835

An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...

Race condition

An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...