Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
live555 live555 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-37117
A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP.
Live555 Live555 2023.05.10
7.5
CVSSv3
CVE-2021-41396
Live555 up to and including 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack.
Live555 Live555
7.5
CVSSv3
CVE-2021-39282
Live555 up to and including 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.
Live555 Live555
5.5
CVSSv3
CVE-2021-39283
liveMedia/FramedSource.cpp in Live555 up to and including 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands.
Live555 Live555
7.5
CVSSv3
CVE-2021-38380
Live555 up to and including 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack.
Live555 Live555
6.5
CVSSv3
CVE-2021-38381
Live555 up to and including 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.
Live555 Live555
6.5
CVSSv3
CVE-2021-38382
Live555 up to and including 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.
Live555 Live555
7.5
CVSSv3
CVE-2021-28899
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media prior to 2021.3.16.
9.8
CVSSv3
CVE-2020-24027
In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time.
Live555 Liblivemedia 20200625
9.8
CVSSv3
CVE-2019-15232
Live555 prior to 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.
Live555 Streaming Media
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »