Emby MediaServer version 3.2.5 suffers from a directory traversal vulnerability that allows for arbitrary file disclosure.
fa223b923ceaad85f3f4ca5cce4208878ae02295ea4e03a6bbab3643e2829316
Emby MediaServer version 3.2.5 suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the URL path filename when handling 'not found' errors. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.
413c8dd70f63ee4e8e53a5a298b2725274507fae9766167efcdfb6194cb86cac
Emby MediaServer version 3.2.5 suffers from a password reset vulnerability.
cd55b21a8347fa5960e9af67ccc648634aed53ed1e1e824ff18218bbc68ccdbe
Emby MediaServer version 3.2.5 suffers from a blind SQL injection vulnerability. Input passed via the GET parameter 'MediaTypes' is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
5df7706831464ac9c7dd4014af6d54f5c2117a394cca94b6bb14e121d7842598
HideMyAss Pro VPN client version 3.3.0.3 for OS X suffers from a helper binary (com.privax.hmaprovpn.helper) local privilege escalation vulnerability.
37f5fa5c2d88399f63a027e0edcd1f34ea06dd428dfe8989bd994c0a70a3511e