Lucene search
K
Live555Streaming Media

13 matches found

CVE
CVE
added 2019/08/19 11:57 p.m.222 views

CVE-2019-15232

The CVE-2019-15232 vulnerability affects LIVE555 Media Server (live555 library). Live555 before 2019.08.16 can assign the same client session ID in rapid succession via GenericMediaServer::createNewClientSessionWithId, leading to a Use-After-Free condition that is mishandled by MPEG1or2 and Matro...

9.8CVSS9.2AI score0.01716EPSS
CVE
CVE
added 2019/02/04 2:0 a.m.183 views

CVE-2019-7314

CVE-2019-7314 affects LIVE555 Live555’s liblivemedia. It is triggered by mishandling the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, leading to a use-after-free that can crash the RTSP server or cause unspecified impact. Affected history points to Live555 before 2019.0...

9.8CVSS9.7AI score0.03192EPSS
CVE
CVE
added 2019/02/28 4:0 a.m.168 views

CVE-2019-9215

CVE-2019-9215 affects LIVE555: malformed headers can cause invalid memory access in parseAuthorizationHeader. CVE-2019-7314 (also in LIVE555) enables Use-After-Free during RTSP termination. Documents indicate affected versions before 2019.06.28 and show remediation via updating to 2019.06.28 or l...

9.8CVSS9.1AI score0.02173EPSS
CVE
CVE
added 2021/04/29 2:8 p.m.157 views

CVE-2021-28899

CVE-2021-28899 affects LIVE555 Streaming Media before 2021.3.16, specifically the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses. The vulnerability path stems from.Live555 components; impact...

7.5CVSS7.7AI score0.01094EPSS
CVE
CVE
added 2014/01/23 9:0 p.m.76 views

CVE-2013-6933

CVE-2013-6933 affects the Live555 Streaming Media library (used by VideoLAN VLC) where RTSP messages starting with whitespace [single space or tab] trigger an integer underflow, an infinite loop, and a buffer overflow in parseRTSPRequestString. This can lead to a crash or arbitrary code execution...

7.5CVSS7.8AI score0.17415EPSS
CVE
CVE
added 2019/02/11 5:0 p.m.67 views

CVE-2019-7733

CVE-2019-7733 affects LIVE555 Media Server / liblivemedia in Live555 0.95. A buffer overflow can be triggered by a large integer in a Content-Length HTTP header because handleRequestBytes uses an unrestricted memmove, leading to a denial of service and potential crash. Public advisories corrobora...

7.5CVSS8.7AI score0.0158EPSS
CVE
CVE
added 2014/01/23 9:0 p.m.55 views

CVE-2013-6934

CVE-2013-6934 affects VLC Media Player via the Live555 liblivemedia RTSP implementation. The issue arises in parseRTSPRequestString: a space at the beginning of an RTSP message can trigger an integer underflow, an infinite loop, and a buffer overflow, potentially crashing the application or enabl...

7.5CVSS7.8AI score0.28174EPSS
CVE
CVE
added 2019/02/11 5:0 p.m.54 views

CVE-2019-7732

CVE-2019-7732 affects Live555 0.95. The vulnerability is a memory leak in the setup packet handling: when multiple instances of a single field (username, realm, nonce, uri, or response) exist, only the last instance can be freed, enabling a denial-of-service condition. Public references in the pr...

7.5CVSS7.4AI score0.01399EPSS
CVE
CVE
added 2025/12/01 12:0 a.m.17 views

CVE-2025-65407

CVE-2025-65407 affects LIVE555 Streaming Media 2018.09.02. A use-after-free in MPEG1or2Demux::newElementaryStream() can cause a DoS by feeding a crafted MPEG Program stream. CVSSv3.1 indicates network-based, low complexity with user interaction required for impact, severity medium (6.5), availabi...

6.5CVSS6.4AI score0.00259EPSS
CVE
CVE
added 2025/12/01 12:0 a.m.12 views

CVE-2025-65404

CVE-2025-65404 affects Live555 Streaming Media 2018.09.02. A buffer overflow in the getSideInfo2() function allows a crafted MP3 stream to cause Denial of Service. Impact is DoS; exploitation described in public advisories (e.g., OpenVAS NASLs) with CVSS base 7.8 (Network exploit, no authenticati...

6.5CVSS6.8AI score0.00277EPSS
CVE
CVE
added 2025/12/01 12:0 a.m.12 views

CVE-2025-65408

The CVE-2025-65408 entry pertains to Live555 Streaming Media v2018.09.02, where a NULL pointer dereference in ADTSAudioFileServerMediaSubsession::createNewRTPSink() can allow a remote attacker to cause a Denial of Service via a crafted ADTS file. Public sources in the set (NVD/Nessus/OpenVAS/CNVD...

6.5CVSS6.3AI score0.00259EPSS
CVE
CVE
added 2025/12/01 12:0 a.m.11 views

CVE-2025-65406

LIVE555 Streaming Media 2018.09.02 contains a heap overflow in MatroskaFile::createRTPSinkForTrackNumber(), which can be triggered by supplying a crafted MKV file to cause a Denial of Service. Public sources in the connected docs consistently reference this CVE-2025-65406 and describe DoS impact;...

6.5CVSS6.6AI score0.00277EPSS
CVE
CVE
added 2025/12/01 12:0 a.m.10 views

CVE-2025-65405

The CVE-2025-65405 entry concerns Live555 Streaming Media (v2018.09.02). A use-after-free in ADTSAudioFileSource::samplingFrequency() can be triggered by a crafted ADTS/AAC file, leading to Denial of Service. Multiple sources (NVD, CNVD, EUVD, OSV Ubuntu, CIRCL) corroborate the same issue. Connec...

6.5CVSS6.4AI score0.00259EPSS