Linux Distros Unpatched Vulnerability : CVE-2026-41470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens...

SUSE CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

Astra Linux - уязвимость в liblivemedia

Live555 version 1.08 has a memory leak in the AC3AudioStreamParser for AC3 files...

Astra Linux - уязвимость в liblivemedia

Live555 version 1.08 does not handle Matroska and Ogg files properly. Sending two consecutive RTSP SETUP commands for the same track causes a Use-After-Free error and results in a crash of the daemon...

Astra Linux - уязвимость в liblivemedia

Live555 before 2019.08.16 has a Use-After-Free issue, as GenericMediaServer::createNewClientSessionWithId can generate the same client session ID consecutively. This issue is handled improperly by the MPEG1or2 and Matroska file demultiplexors...

CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

UBUNTU-CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

CVE-2026-41470 LIVE555 < 2026.04.22 RTSP Server Authorization Bypass via Session Token

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

CVE-2026-41470

The CVE describes an authorization bypass in LIVE555’s RTSP server prior to 2026.04.22. The root cause is improper handling of RTSP session commands that allows an attacker to replay a valid Session token from an unauthenticated connection. With a valid token, an attacker can issue PLAY and TEARD...

CVE-2026-41470 LIVE555 < 2026.04.22 RTSP Server Authorization Bypass via Session Token

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

Live555 安全漏洞

LIVE555 is a cross-platform C++ open-source project that provides solutions for streaming media. It supports standard streaming media transmission protocols such as RTP/RTCP, RTSP, and SIP. Versions of LIVE555 before 2026.04.22 had security vulnerabilities. These vulnerabilities stemmed from...

PT-2026-41997

Name of the Vulnerable Software and Affected Versions LIVE555 versions prior to 2026.04.22 Description An authorization bypass exists in the RTSP session command handling. This allows attackers to replay valid Session tokens from unauthenticated connections. By obtaining a valid Session token, an...

Astra Linux - уязвимость в liblivemedia

A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP...

Astra Linux - уязвимость в liblivemedia

In Live555 0.95, there is a buffer overflow due to a large integer in the Content-Length HTTP header. This occurs because the handleRequestBytes function uses a memmove operation without proper bounds...

Astra Linux - уязвимость в liblivemedia

Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16...

Astra Linux - уязвимость в liblivemedia

Live555 version 1.08 does not handle MPEG-1 or 2 files properly. Sending two consecutive RTSP SETUP commands for the same track causes a use-after-free error and results in a crash of the daemon...

Astra Linux - уязвимость в liblivemedia

Live555 suffers from 1.08, which mishandles large requests for the same MP3 stream, leading to recursion and excessive buffer overflows based on the stack mechanism. An attacker can exploit this vulnerability to launch a DoS attack...

Fedora 45 : live555 / vlc (2026-56c8fe41c8)

The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-56c8fe41c8 advisory. Latest upstream release. Adds protection against the use of a 'stolen' authenticated RTSP session id to send RTSP server's PLAY, PAUSE, TEARDOWN, and...

CVE-2026-1200

A flaw was found in the rgaufman/live555 fork of live555. A remote attacker could exploit a segmentation fault, in the increaseBufferTo function. This vulnerability can lead to memory corruption problems and potentially other consequences...