Filtered by vendor Realnetworks
Subscribe
Total
217 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-1181 | 1 Realnetworks | 1 Realserver | 2024-11-20 | 5.0 MEDIUM | N/A |
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. | |||||
CVE-2000-0474 | 1 Realnetworks | 1 Realserver | 2024-11-20 | 7.8 HIGH | N/A |
Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory. | |||||
CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2024-11-20 | 2.6 LOW | N/A |
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2024-11-20 | 7.8 HIGH | N/A |
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2024-11-20 | 5.0 MEDIUM | N/A |
RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
CVE-2000-0001 | 1 Realnetworks | 1 Realserver | 2024-11-20 | 5.0 MEDIUM | N/A |
RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. | |||||
CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2024-11-20 | 4.6 MEDIUM | N/A |
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | |||||
CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2024-11-20 | 4.6 MEDIUM | N/A |
RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2024-11-20 | 7.8 HIGH | N/A |
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | |||||
CVE-1999-0896 | 1 Realnetworks | 1 Realserver G2 | 2024-11-20 | 10.0 HIGH | N/A |
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. | |||||
CVE-2022-32269 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution. | |||||
CVE-2022-32270 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder (DLL planting could also occur). | |||||
CVE-2022-32271 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 6.8 MEDIUM | 9.6 CRITICAL |
In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. This is an internal URL Protocol used by Real Player to reference a file that contains an URL. It is possible to inject script code to arbitrary domains. It is also possible to reference arbitrary local files. | |||||
CVE-2022-32291 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file. | |||||
CVE-2018-13121 | 1 Realnetworks | 1 Realone Player | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file. | |||||
CVE-2017-9302 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file. | |||||
CVE-2016-9018 | 1 Realnetworks | 1 Realplayer | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file. |