Skip to main content

Live555

6 CVEs product

Monthly

CVE-2023-37117 CRITICAL POC Act Now

A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure Live555
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2021-39283 MEDIUM POC This Month

liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Live555
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2021-39282 HIGH POC This Week

Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Live555
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-38382 MEDIUM POC This Month

Live555 through 1.08 does not handle Matroska and Ogg files properly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Live555
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-38381 MEDIUM POC This Month

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Live555
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-38380 HIGH POC This Week

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Live555
NVD
CVSS 3.1
7.5
EPSS
1.5%
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Live555
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Live555
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Live555 through 1.08 does not handle Matroska and Ogg files properly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Live555
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy