| CVE-2021-39283 |
AVG-2306 |
Low |
Yes |
Denial of service |
liveMedia/FramedSource.cpp in live-media before version 2021.08.13 allows an assertion failure and application exit via multiple SETUP and PLAY commands. |
| CVE-2021-39282 |
AVG-2306 |
Medium |
Yes |
Information disclosure |
live-media before version 2021.08.13 has a memory leak in AC3AudioStreamParser for AC3 files. |
| CVE-2021-38382 |
AVG-2276 |
Medium |
Yes |
Arbitrary code execution |
live-media before version 2021.08.06 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a... |
| CVE-2021-38381 |
AVG-2276 |
Medium |
Yes |
Arbitrary code execution |
live-media before version 2021.08.09 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a... |
| CVE-2021-38380 |
AVG-2276 |
Low |
No |
Denial of service |
live-media before version2021.08.04 mishandles huge requests for the same MP3 stream, leading to recursion and a stack-based buffer over- read. An attacker... |
| CVE-2021-28899 |
AVG-1448 |
Low |
Yes |
Denial of service |
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive... |
| CVE-2020-24027 |
AVG-1448 |
Medium |
Yes |
Arbitrary code execution |
In live-media before version 2020.07.09, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command... |
| CVE-2019-7733 |
AVG-870 |
Medium |
Yes |
Denial of service |
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce,... |
| CVE-2019-7314 |
AVG-870 |
Critical |
Yes |
Arbitrary code execution |
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a... |