6 matches found
AVideo: Unauthenticated Live Stream Termination via RTMP Callback on_publish_done.php
Summary The AVideo onpublishdone.php endpoint in the Live plugin allows unauthenticated users to terminate any active live stream. The endpoint processes RTMP callback events to mark streams as finished in the database, but performs no authentication or authorization checks before doing so. An...
CVE-2026-34731
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo onpublishdone.php endpoint in the Live plugin allows unauthenticated users to terminate any active live stream. The endpoint processes RTMP callback events to mark streams as finished in the database, but perform...
CVE-2026-34731 AVideo: Unauthenticated Live Stream Termination via RTMP Callback on_publish_done.php
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo onpublishdone.php endpoint in the Live plugin allows unauthenticated users to terminate any active live stream. The endpoint processes RTMP callback events to mark streams as finished in the database, but perform...
EUVD-2019-16857
Malware in sbrugna...
SUSE CVE-2021-34548
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAYEND or RELAYRESOLVED to bypass the intended access control for ending a stream...
OPENSUSE-SU-2019:1797-1 Security update for live555
This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. boo1127341 - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead t...