Vulnerabilities > Live555 > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-07-12 CVE-2021-41396 Out-of-bounds Write vulnerability in Live555
Live555 through 1.08 does not handle socket connections properly.
network
low complexity
live555 CWE-787
5.0
2021-08-18 CVE-2021-39283 Reachable Assertion vulnerability in Live555
liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands.
local
low complexity
live555 CWE-617
5.5
2021-08-10 CVE-2021-38381 Use After Free vulnerability in Live555
Live555 through 1.08 does not handle MPEG-1 or 2 files properly.
network
low complexity
live555 CWE-416
6.5
2021-08-10 CVE-2021-38382 Use After Free vulnerability in Live555
Live555 through 1.08 does not handle Matroska and Ogg files properly.
network
low complexity
live555 CWE-416
6.5
2021-04-29 CVE-2021-28899 Unspecified vulnerability in Live555 Streaming Media
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16.
network
low complexity
live555
5.0
2019-02-11 CVE-2019-7733 Integer Overflow or Wraparound vulnerability in Live555 Streaming Media 0.95
In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.
network
low complexity
live555 CWE-190
5.0
2019-02-11 CVE-2019-7732 Memory Leak vulnerability in Live555 Streaming Media 0.95
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.
network
low complexity
live555 CWE-401
5.0