Media Server Security Vulnerabilities and Issues — Media Server CVE List

Lucene search

PlexMedia Server

5 matches found

CVE•added 2020/05/08 1:15 p.m.•711 views

CVE-2020-5741

Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.

7.2CVSS7.2AI score0.45575EPSS

CVE•added 2023/01/18 2:15 p.m.•641 views

CVE-2021-33959

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.

7.5CVSS7.5AI score0.15882EPSS

CVE•added 2020/04/22 4:15 p.m.•110 views

CVE-2020-5740

Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker to execute arbitrary Python code with SYSTEM privileges.

7.8CVSS7.9AI score0.00254EPSS

CVE•added 2021/12/08 3:15 p.m.•49 views

CVE-2021-42835

An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC functiona...

7CVSS7.1AI score0.16914EPSS

CVE•added 2014/12/07 9:59 p.m.•35 views

CVE-2014-9304

Plex Media Server before 0.9.9.3 allows remote attackers to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handler in the backend web serve...

7.5CVSS7.6AI score0.02014EPSS