CVE-2026-41417 Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri()

Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via setUri. The constructors reject CRLF and whitespace characters that would break the start-line, but setUri does not apply the same validation...

CVE-2025-60458

UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted RTSP TEARDOWN request can trigger multiple calls to free on the same memory address, potentially causing a Denial of Service...

EUVD-2010-4562

Malware in sbrugna...

EUVD-2009-4217

Malware in sbrugna...

EUVD-2006-1460

Malware in sbrugna...

CVE-2010-4596

Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request...

CVE-2020-24918

A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parseauthenticationheader in libamprotocol-rtsp.so.1 in rtspsvc or cause a...

CVE-2020-24214

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming fo...

CVE-2020-24214

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming fo...

Design/Logic Flaw

On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an RTSP request wit...

Hikvision DVR RTSP Request Remote Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Hikvision DVR RTSP Request Remote Code Execution', 'Description' = %q This module exploits a buffer overflow in the RTSP request...

Hikvision DVR RTSP Request Remote Code Execution Exploit

This module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. The vulnerability is present in several models / firmware...

Hikvision DVR RTSP Request Remote Code Execution

This module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. The vulnerability is present in several models / firmware...

CVE-2010-4596

Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request...

Stack overflow

Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request...

CVE-2010-4596

Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request...

CVE-2010-4596

RealNetworks Helix Server (12.x–14.x) and Helix Mobile Server are affected by a stack-based buffer overflow in RTSP request handling, allowing remote code execution when a long RTSP string is processed. Affected versions before 14.2 include Helix Server 12.x/13.x/14.x and Helix Mobile Server 12.x...

Media Player Network Sharing memory corruption

Use-after-free vulneraebility on RTSP request parsing...

Microsoft Windows Media Player Network Sharing Service Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. Authentication is not required to exploit this vulnerability. The specific flaw exists within Windows Media Player's support for streaming media to other equipment...

Darwin Streaming Server < 5.5.5 Multiple RCE Vulnerabilities

According to its banner, the version of Apple Darwin Streaming Server running on the remote host is prior to version 5.5.5. It is, therefore, affected by multiple vulnerabilities : - A heap buffer overflow condition exists in the Apple Darwin Streaming Proxy that allows an unauthenticated, remote...