
CVE-2023-37117
https://notcve.org/view.php?id=CVE-2023-37117
12 Jan 2024 — A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP. • http://lists.live555.com/pipermail/live-devel/2023-June/022331.html • CWE-416: Use After Free

CVE-2021-41396
https://notcve.org/view.php?id=CVE-2021-41396
11 Jul 2022 — Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack. • http://lists.live555.com/pipermail/live-devel/2021-September/021994.html • CWE-787: Out-of-bounds Write

CVE-2021-39282 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-39282
18 Aug 2021 — Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of service. Versions greater than or equal to 2021.08.24 are affected. • http://lists.live555.com/pipermail/live-devel/2021-August/021970.html • CWE-401: Missing Release of Memory after Effective Lifetime

CVE-2021-39283 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-39283
18 Aug 2021 — liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of service. Versions greater than or equal to 2021.08.24 are affected. • http://lists.live555.com/pipermail/live-devel/2021-August/021969.html • CWE-617: Reachable Assertion

CVE-2021-38380 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-38380
10 Aug 2021 — Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over-read. An attacker can leverage this to launch a DoS attack. Multiple vulnerabilities have been discovered in LIVE555 Media Server, th... • http://lists.live555.com/pipermail/live-devel/2021-August/021954.html • CWE-125: Out-of-bounds Read

CVE-2021-38381 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-38381
10 Aug 2021 — Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of servic... • http://lists.live555.com/pipermail/live-devel/2021-August/021961.html • CWE-416: Use After Free

CVE-2021-38382 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2021-38382
10 Aug 2021 — Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which could lead to a denial of... • http://lists.live555.com/pipermail/live-devel/2021-August/021959.html • CWE-416: Use After Free

CVE-2021-28899
https://notcve.org/view.php?id=CVE-2021-28899
29 Apr 2021 — Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16. • http://lists.live555.com/pipermail/live-devel/2021-March/021891.html

CVE-2020-24027 – Gentoo Linux Security Advisory 202407-23
https://notcve.org/view.php?id=CVE-2020-24027
11 Jan 2021 — In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time. Multiple vulnerabilities have been discovered in LIVE555 Media Server, the worst of which... • http://lists.live555.com/pipermail/live-devel/2020-July/021662.html • CWE-787: Out-of-bounds Write

CVE-2019-15232 – Gentoo Linux Security Advisory 202005-06
https://notcve.org/view.php?id=CVE-2019-15232
19 Aug 2019 — Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors. • http://www.live555.com/liveMedia/public/changelog.txt • CWE-416: Use After Free