CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2026/01/09 11:36 a.m.•4 views

CVE-2021-41764

A cross-site request forgery CSRF vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a...

8.8CVSS6.8AI score0.00172EPSS

Exploits1References1

RedhatCVE•added 2025/12/19 10:13 p.m.•2 views

CVE-2025-34452

Streama versions 1.10.0 through 1.10.5 and prior to commit b7c8767 contain a combination of path traversal and server-side request forgery SSRF vulnerabilities in that allow an authenticated attacker to write arbitrary files to the server filesystem. The issue exists in the subtitle download...

8.7CVSS7.7AI score0.00521EPSS

Exploits0References1

OSV•added 2025/12/18 10:15 p.m.•1 views

CVE-2025-34452

8.7CVSS8AI score

Exploits0References3

NVD•added 2025/12/18 10:15 p.m.•1 views

CVE-2025-34452

8.7CVSS0.00521EPSS

Exploits0References3

Vulnrichment•added 2025/12/18 9:30 p.m.•2 views

CVE-2025-34452 Streama Subtitle Download Path Traversal and SSRF Leading to Arbitrary File Write

8.7CVSS7.7AI score0.00521EPSS

Exploits0References3

Cvelist•added 2025/12/18 9:30 p.m.•20 views

CVE-2025-34452 Streama Subtitle Download Path Traversal and SSRF Leading to Arbitrary File Write

8.7CVSS0.00521EPSS

Exploits0References3

CVE•added 2025/12/18 9:30 p.m.•8 views

CVE-2025-34452

The CVE-2025-34452 entry affects Streama versions 1.10.0–1.10.5 and prior to commit b7c8767. It describes a combined path traversal and server-side request forgery (SSRF) in the subtitle download feature where user-controlled parameters form file paths and fetch remote content, enabling an authen...

8.7CVSS7.7AI score0.00521EPSS

Exploits0References3

CNNVD•added 2025/12/18 12:0 a.m.•2 views

Streama 代码问题漏洞

Streama is a self-hosted streaming media server. A code issue vulnerability exists in Streama versions 1.10.0 through 1.10.5 and prior to b7c8767, which stems from a path traversal and server-side request forgery in the subtitle download feature that could lead to remote code execution...

8.7CVSS7.7AI score0.00521EPSS

Exploits0References3

Positive Technologies•added 2025/12/18 12:0 a.m.•4 views

PT-2025-52354

8.7CVSS8.1AI score0.00521EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-28773

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00172EPSS

Exploits1References3

NVD•added 2021/09/29 8:15 p.m.•5 views

CVE-2021-41764

8.8CVSS0.00172EPSS

Exploits1References3

OSV•added 2021/09/29 8:15 p.m.•10 views

CVE-2021-41764

8.8CVSS6.9AI score

Exploits0References3

Prion•added 2021/09/29 8:15 p.m.•12 views

Cross site request forgery (csrf)

6.8CVSS8.5AI score0.00172EPSS

Exploits1References3Affected Software1

CVE•added 2021/09/29 7:2 p.m.•34 views

CVE-2021-41764

Streama (self-hosted streaming server) has a CSRF vulnerability (CVE-2021-41764) affecting version up to v1.10.3. The issue arises because CSRF checks are not performed when performing actions such as uploading local files, enabling an attacker to induce a logged-in administrator to upload arbitr...

8.8CVSS8.6AI score0.00172EPSS

Exploits1References3Affected Software1

CNNVD•added 2021/09/29 12:0 a.m.•1 views

Streama 跨站请求伪造漏洞

Streama is a self-hosted streaming media server. A cross-site request forgery vulnerability exists in Streama that stems from the product not performing reasonable checks when uploading local files. The vulnerability can be exploited to upload arbitrary files to the server.Streama v1.10.3 and...

8.8CVSS7.8AI score0.00172EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by