Live555 Streaming_media
13 CVEs affecting Live555 Streaming_media. Latest disclosed: 2025-12-01. Critical: 3, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-15232 | Critical | 9.8 | 2019-08-20 | Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession… |
CVE-2019-9215 | Critical | 9.8 | 2019-02-28 | In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function. |
CVE-2019-7314 | Critical | 9.8 | 2019-02-04 | liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-Afte… |
CVE-2021-28899 | High | 7.5 | 2021-04-29 | Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubses… |
CVE-2019-7733 | High | 7.5 | 2019-02-11 | In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove. |
CVE-2019-7732 | High | 7.5 | 2019-02-11 | In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, ur… |
CVE-2025-65407 | Medium | 6.5 | 2025-12-01 | A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS… |
CVE-2025-65408 | Medium | 6.5 | 2025-12-01 | A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to ca… |
CVE-2025-65406 | Medium | 6.5 | 2025-12-01 | A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Servic… |
CVE-2025-65405 | Medium | 6.5 | 2025-12-01 | A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service… |
CVE-2025-65404 | Medium | 6.5 | 2025-12-01 | A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 s… |
CVE-2013-6934 | | 2014-01-23 | The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause… | |
CVE-2013-6933 | | 2014-01-23 | The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote… |