Skip to content

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Learn

All guides
What is a CVE?
What is CVSS?
The CISA KEV catalog
What is EPSS?

Company

About us
Blog
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

Home
Vendors
Wowza
Streaming Engine

wowza streaming engine Vulnerabilities: CVEs, CISA KEV & Security Advisories

26 CVEs

wowza streaming engine Vulnerabilities

CVE security advisories and vulnerability history for streaming engine by wowza.

26

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

4

Public exploits

With known exploit

7.6

Avg CVSS

2018–2026

Last updated March 15, 2026

Overview

wowza streaming engine has 26 published CVE records since 2018, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 4 have a known public exploit. The average CVSS base score across scored CVEs is 7.6.

This page aggregates every publicly disclosed vulnerability (CVE) affecting wowza streaming engine, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list. Affected platforms include Linux, Windows.

Severity and exploitation

How the CVSS severity of wowza streaming engine's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical1

High4

Medium4

Low0

17 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of wowza streaming engine's CVEs are currently listed in CISA's KEV catalog.

Public exploits

4

4 of wowza streaming engine's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every wowza streaming engine version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

4.9.15 CVEs
4.7.14 CVEs
4.8.52 CVEs
4.8.141 CVE
4.8.8.011 CVE

Find a version

26 CVEs

Sort

Wowza Streaming Engine 4.5.0 Multiple Cross-Site Scripting Vulnerabilities
CVE-2016-20036
Public exploit
CWE-79
Medium · CVSS 6.1
EPSS 0.1% (16th pct)2026-03-15
Wowza Streaming Engine 4.5.0 CSRF via user edit endpoint
CVE-2016-20035
Public exploit
CWE-352
Medium · CVSS 6.9
EPSS 0.1% (19th pct)2026-03-15
Wowza Streaming Engine 4.5.0 Privilege Escalation via user edit
CVE-2016-20034
Public exploit
CWE-352
High · CVSS 8.8
EPSS 0.0% (12th pct)2026-03-15
Wowza Streaming Engine 4.5.0 Local Privilege Escalation via nssm_x64.exe
CVE-2016-20033
Public exploit
CWE-639
High · CVSS 8.5
EPSS 0.0% (7th pct)2026-03-15
Medium vulnerability · 2024-11-21
CVE-2024-52056
Patch
CWE-22
Medium · CVSS 6.9
EPSS 0.2% (38th pct)2024-11-21
Application Copy Path Traversal in Wowza Streaming Engine
CVE-2024-52055
Patch
CWE-22
High · CVSS 8.2
EPSS 0.2% (40th pct)2024-11-21
Medium vulnerability · 2024-11-21
CVE-2024-52054
Patch
CWE-22
Medium · CVSS 5.1
EPSS 0.2% (43th pct)2024-11-21
High vulnerability · 2024-11-21
CVE-2024-52053
Patch
CWE-79
High · CVSS 8.7
EPSS 0.8% (74th pct)2024-11-21
Critical vulnerability · 2024-11-21
CVE-2024-52052
Patch
CWE-646
Critical · CVSS 9.4
EPSS 3.5% (88th pct)2024-11-21
Vulnerability · 2021-10-05
CVE-2021-35492
Unscored
EPSS 13.0% (94th pct)2021-10-05
Vulnerability · 2021-10-05
CVE-2021-35491
Patch
Unscored
EPSS 0.2% (42th pct)2021-10-05
Vulnerability · 2021-04-23
CVE-2021-31539
Patch
Unscored
EPSS 0.0% (8th pct)2021-04-23
Vulnerability · 2021-04-23
CVE-2021-31540
Unscored
EPSS 0.0% (11th pct)2021-04-23
Vulnerability · 2020-08-03
CVE-2019-19455
Patch
Unscored
EPSS 0.0% (8th pct)2020-08-03
Vulnerability · 2020-08-03
CVE-2019-19453
Patch
Unscored
EPSS 0.4% (63th pct)2020-08-03
Vulnerability · 2020-05-18
CVE-2019-19456
Unscored
EPSS 0.3% (50th pct)2020-05-18
Vulnerability · 2020-05-18
CVE-2019-19454
Unscored
EPSS 0.7% (73th pct)2020-05-18
Vulnerability · 2020-04-14
CVE-2020-9004
Unscored
EPSS 0.5% (68th pct)2020-04-14
Vulnerability · 2020-01-29
CVE-2019-7655
Unscored
EPSS 0.5% (68th pct)2020-01-29
Vulnerability · 2020-01-29
CVE-2019-7656
Unscored
EPSS 0.1% (25th pct)2020-01-29
Vulnerability · 2020-01-29
CVE-2019-7654
Unscored
EPSS 0.6% (69th pct)2020-01-29
Vulnerability · 2019-03-18
CVE-2018-19365
Unscored
EPSS 88.7% (100th pct)2019-03-18
Vulnerability · 2018-03-05
CVE-2017-16922
Patch
Unscored
EPSS 0.6% (70th pct)2018-03-05
Vulnerability · 2018-03-01
CVE-2018-7049
Patch
Unscored
EPSS 0.3% (54th pct)2018-03-01
Vulnerability · 2018-03-01
CVE-2018-7048
Patch
Unscored
EPSS 1.6% (82th pct)2018-03-01
Vulnerability · 2018-03-01
CVE-2018-7047
Patch
Unscored
EPSS 2.8% (86th pct)2018-03-01

Common weakness types

The CWE weakness categories most often found in wowza streaming engine CVEs. Follow any weakness for its full explanation.

CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')3 CVEs
CWE-352Cross-Site Request Forgery (CSRF)2 CVEs
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')2 CVEs
CWE-639Authorization Bypass Through User-Controlled Key1 CVE
CWE-646Reliance on File Name or Extension of Externally-Supplied File1 CVE

Disclosure activity by year

How many wowza streaming engine CVEs were published each year.

2018

4

2019

1

2020

8

2021

4

2024

5

2026

4

Other wowza products

Browse vulnerabilities for other products by wowza.

streaming_engine2 CVEs

All wowza vulnerabilities

Frequently asked questions

Common questions about wowza streaming engine vulnerabilities.

How many CVEs does wowza streaming engine have?

wowza streaming engine has 26 published CVE records since 2018.

How many wowza streaming engine CVEs are in CISA KEV?

None of wowza streaming engine's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Are there public exploits for wowza streaming engine vulnerabilities?

Yes — 4 of wowza streaming engine's CVEs have a known public exploit.

Which versions of wowza streaming engine are affected?

5 distinct wowza streaming engine versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.

What are the most common weakness types in wowza streaming engine CVEs?

wowza streaming engine's CVEs most often map to these CWE weakness types: CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-352 (Cross-Site Request Forgery (CSRF)), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-639 (Authorization Bypass Through User-Controlled Key).

How many critical wowza streaming engine vulnerabilities are there?

wowza streaming engine has 1 critical and 4 high-severity CVEs.

What is the average severity of wowza streaming engine CVEs?

The average CVSS base score across wowza streaming engine's scored CVEs is 7.6.

References

All wowza vulnerabilities
The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track wowza streaming engine vulnerabilities

Monitor new wowza streaming engine vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Affected versions and CVEs
Common weakness types
Disclosure activity
Other products
FAQ
References