openSUSE 16 Security Update : gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer (openSUSE-SU-2026:20329-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20329-1 advisory. Changes in gstreamer-rtsp-server: - Update to version 1.26.7: - Fix issues with GDISABLECHECKS & GDISABLEASSERT. - rtsp-server: tests: Switch to fixture...

EUVD-2018-5064

Malware in sbrugna...

EUVD-2020-6199

Malware in sbrugna...

gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server security update

An update is available for gstreamer1. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gstreamer1 packages contain a streaming media framework, based on grap...

RockyLinux 9 : gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server (RLSA-2025:7178)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7178 advisory. gstreamer: EXIF Metadata Parsing Integer Overflow CVE-2024-4453 gstreamer: AV1 Video Parsing Stack-based Buffer Overflow CVE-2024-0444 Tenable has...

CVE-2020-6095

An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerabili...

CVE-2024-44331

Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests...

GStreamer 安全漏洞

GStreamer is a set of frameworks for handling streaming media. gst-rtsp-server is a GStreamer-based RTSP Real-Time Stream Protocol server. A security vulnerability exists in GStreamer version 1.25.0, which stems from improper access control and allows remote attackers to cause a denial of service...

Fedora: Security Advisory for gstreamer1-rtsp-server (FEDORA-2023-6a4aea6d13)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM / 18.04 ESM : liveMedia vulnerabilities (USN-4853-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4853-1 advisory. It was discovered that liveMedia incorrectly handled certain network packets. An attacker could possibly use this issue to execute arbitrary...

Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access

Exploit Title: Tapo C310 RTSP server v1.3.0- Unauthorised Video Stream Access Date: 19th July 2022 Exploit Author: dsclee1 Vendor Homepage: tp-link.com Software Link: http://download.tplinkcloud.com/firmware/TapoC310v1en1.3.0Build220328Rel.64283nu1649923652150.bin Version: 1.3.0 Tested on: Linux ...

Tapo C310 RTSP Server 1.3.0 Unauthorized Video Stream Access

Exploit Title: Tapo C310 RTSP server v1.3.0- Unauthorised Video Stream Access Date: 19th July 2022 Exploit Author: dsclee1 Vendor Homepage: tp-link.com Software Link: http://download.tplinkcloud.com/firmware/TapoC310v1en1.3.0Build220328Rel.64283nu1649923652150.bin Version: 1.3.0 Tested on: Linux ...

Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access Vulnerability

Exploit Title: Tapo C310 RTSP server v1.3.0- Unauthorised Video Stream Access Date: 19th July 2022 Exploit Author: dsclee1 Vendor Homepage: tp-link.com Software Link: http://download.tplinkcloud.com/firmware/TapoC310v1en1.3.0Build220328Rel.64283nu1649923652150.bin Version: 1.3.0 Tested on: Linux ...

Eufy Indoor 2K Indoor Camera 安全漏洞

Eufy Indoor 2K Indoor Camera is a wireless home security camera system from Eufy USA. A security vulnerability exists in Eufy Indoor 2K Indoor Camera 2.0.9.3 and earlier versions, which originates from a buffer overflow vulnerability in the RSTP server component. An attacker could exploit the...

Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1369 Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability October 11, 2021 CVE Number CVE-2021-21940 SUMMARY A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase ...

CVE-2020-24918

A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parseauthenticationheader in libamprotocol-rtsp.so.1 in rtspsvc or cause a...

CVE-2020-24918

Ambarella Oryx RTSP Server 2020-01-07 contains a buffer overflow in the RTSP service. An unauthenticated attacker can send a crafted RTSP request with a long digest authentication header to execute arbitrary code in parse_authentication_header() of libamprotocol-rtsp.so.1 in rtsp_svc (or cause a ...

Warning Issued Over Hackable ADT's LifeShield Home Security Cameras

Newly discovered security vulnerabilities in ADT's Blue formerly LifeShield home security cameras could have been exploited to hijack both audio and video streams. The vulnerabilities tracked as CVE-2020-8101 were identified in the video doorbell camera by Bitdefender researchers in February 2020...

VulnCheck KEV: CVE-2017-8223

On Wireless IP Camera P2P WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av01 or tcp/av00...

CVE-2020-25748

A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras firmware versions v342, v339. Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP...