live555 漏洞與 CVE 列表(24)

產品(CPE): — CVE 數: 24

live555 漏洞概覽

彙總 live555 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 記憶體損壞與緩衝區溢位 等問題,部分漏洞可能導致 記憶體損壞,並影響 軟體部署與生產負載 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 12024 CVE 數
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-65407 A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program stream. [email protected] 6.5 0.26% 2025-12-01 2026-06-17
CVE-2025-65408 A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS file. [email protected] 6.5 0.26% 2025-12-01 2026-06-17
CVE-2025-65406 A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file. [email protected] 6.5 0.27% 2025-12-01 2026-06-17
CVE-2025-65405 A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file. [email protected] 6.5 0.26% 2025-12-01 2026-06-17
CVE-2025-65404 A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream. [email protected] 6.5 0.27% 2025-12-01 2026-06-17
CVE-2023-37117 A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP. [email protected] 9.8 0.87% 2024-01-12 2026-06-17
CVE-2021-41396 Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack. [email protected] 7.5 1.28% 2022-07-12 2026-06-17
CVE-2021-39283 liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands. [email protected] 5.5 0.86% 2021-08-18 2026-06-17
CVE-2021-39282 Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. [email protected] 7.5 1.53% 2021-08-18 2026-06-17
CVE-2021-38382 Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. [email protected] 6.5 1.19% 2021-08-10 2026-06-17
CVE-2021-38381 Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash. [email protected] 6.5 1.19% 2021-08-10 2026-06-17
CVE-2021-38380 Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack. [email protected] 7.5 1.53% 2021-08-10 2026-06-17
CVE-2021-28899 Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16. [email protected] 7.5 1.09% 2021-04-29 2026-06-16
CVE-2020-24027 In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time. [email protected] 9.8 1.61% 2021-01-11 2026-06-16
CVE-2019-15232 Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors. [email protected] 9.8 1.72% 2019-08-19 2026-06-16
CVE-2019-9215 In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function. [email protected] 9.8 2.17% 2019-02-27 2026-06-16
CVE-2019-7733 In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove. [email protected] 7.5 1.58% 2019-02-11 2026-06-16
CVE-2019-7732 In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed. [email protected] 7.5 1.40% 2019-02-11 2026-06-16
CVE-2019-7314 liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact. [email protected] 9.8 3.19% 2019-02-03 2026-06-16
CVE-2019-6256 A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp. [email protected] 9.8 2.41% 2019-01-14 2026-06-16
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence