CVE Tools

wowza

Communicationscommercial

14

Cumulative CVEs

4

Monthly snapshots

#120

Peak rank

Top products

streaming engine5

Latest CVEs

The 15 most recently published vulnerabilities affecting wowza.

CVE-2016-20036Wowza Streaming Engine 4.5.0 Multiple Cross-Site Scripting Vulnerabilities6.1Mar 15, 2026
CVE-2016-20035Wowza Streaming Engine 4.5.0 CSRF via user edit endpoint5.3Mar 15, 2026
CVE-2016-20034Wowza Streaming Engine 4.5.0 Privilege Escalation via user edit8.8Mar 15, 2026
CVE-2016-20033Wowza Streaming Engine 4.5.0 Local Privilege Escalation via nssm_x64.exe7.8Mar 15, 2026
CVE-2024-52056Application Delete Path Traversal in Wowza Streaming Engine6.5Nov 21, 2024
CVE-2024-52055Application Copy Path Traversal in Wowza Streaming Engine4.9Nov 21, 2024
CVE-2024-52054Application Creation Path Traversal in Wowza Streaming Engine2.7Nov 21, 2024
CVE-2024-52053Stored Cross-Site Scripting in Wowza Streaming Engine9.6Nov 21, 2024
CVE-2024-52052Stream Target Remote Code Execution in Wowza Streaming Engine7.2Nov 21, 2024
CVE-2021-35492Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is ...6.5Oct 5, 2021
CVE-2021-35491A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName...8.1Oct 5, 2021
CVE-2021-31539Wowza Streaming Engine before 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords.5.5Apr 23, 2021
CVE-2021-31540Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all ...7.1Apr 23, 2021
CVE-2019-19455Wowza Streaming Engine before 4.8.5 has Insecure Permissions which may allow a local attacker to escalate privileges in / usr / local / WowzaStreamingEngine / manager / bin / in the Linux version o...7.8Aug 3, 2020
CVE-2019-19453Wowza Streaming Engine before 4.8.5 allows XSS (issue 1 of 2). An authenticated user, with access to the proxy license editing is able to insert a malicious payload that will be triggered in the ma...5.4Aug 3, 2020