Known Vulnerabilities for products from Icecast
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Icecast".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-53205 | Not Provided | 2025-08-20 | 2026-04-01 | |
| CVE-2025-48163 | Not Provided | 2025-08-20 | 2026-04-01 | |
| CVE-2025-32306 | Not Provided | 2025-05-16 | 2026-04-01 | |
| CVE-2025-23854 | Not Provided | 2025-01-16 | 2026-04-01 | |
| CVE-2014-9091 | Icecast before 2.4.0 does not change the supplementary group privileges when |
4.6 - MEDIUM | 2014-12-10 | 2014-12-11 |
| CVE-2014-9018 | Icecast before 2.4.1 transmits the output of the on-connect script, which might allow remote attackers to obtain sensitive in... | 5 - MEDIUM | 2014-12-03 | 2017-09-08 |
| CVE-2011-4612 | icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via... | 5 - MEDIUM | 2012-11-20 | 2021-09-09 |
| CVE-2007-1344 | Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a c... | 9.3 - HIGH | 2007-03-08 | 2021-07-12 |
| CVE-2005-0838 | Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly ex... | 7.5 - HIGH | 2005-05-02 | 2017-07-11 |
| CVE-2005-0837 | IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl fi... | 5 - MEDIUM | 2005-05-02 | 2017-07-11 |
| CVE-2004-2027 | Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Au... | 5 - MEDIUM | 2004-05-10 | 2017-07-11 |
| CVE-2004-1561 | Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a lar... | 7.5 - HIGH | 2004-12-31 | 2017-07-11 |
| CVE-2004-0781 | Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier a... | 4.3 - MEDIUM | 2004-10-20 | 2017-07-11 |
| CVE-2002-1982 | Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a ... | 5 - MEDIUM | 2002-12-31 | 2008-09-05 |
| CVE-2002-0177 | Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request ... | 7.5 - HIGH | 2002-04-22 | 2016-10-18 |
| CVE-2001-1230 | Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary c... | 7.5 - HIGH | 2001-03-13 | 2016-10-18 |
| CVE-2001-1229 | Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of servic... | 7.5 - HIGH | 2001-03-12 | 2016-10-18 |
| CVE-2001-1083 | Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to ca... | 5 - MEDIUM | 2001-06-26 | 2017-10-10 |
| CVE-2001-0784 | Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modifie... | 5 - MEDIUM | 2001-10-18 | 2017-10-10 |
| CVE-2001-0197 | Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary co... | 10 - HIGH | 2001-03-26 | 2017-10-10 |