CVE Tools

live555

Communicationsoss-project

17

Cumulative CVEs

5

Monthly snapshots

#72

Peak rank

Top products

streaming media5

Latest CVEs

The 15 most recently published vulnerabilities affecting live555.

CVE-2025-65408A NULL pointer dereference in the ADTSAudioFileServerMediaSubsession::createNewRTPSink() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supp...6.5Dec 1, 2025
CVE-2025-65407A use-after-free in the MPEG1or2Demux::newElementaryStream() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MPEG Program...6.5Dec 1, 2025
CVE-2025-65406A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MKV file.6.5Dec 1, 2025
CVE-2025-65405A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC...6.5Dec 1, 2025
CVE-2025-65404A buffer overflow in the getSideInfo2() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via a crafted MP3 stream.6.5Dec 1, 2025
CVE-2023-37117A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP.9.8Jan 12, 2024
CVE-2021-41396Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overfl...7.5Jul 11, 2022
CVE-2021-39282Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files.7.5Aug 18, 2021
CVE-2021-39283liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands.5.5Aug 18, 2021
CVE-2021-38380Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack.7.5Aug 10, 2021
CVE-2021-38381Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.6.5Aug 10, 2021
CVE-2021-38382Live555 through 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.6.5Aug 10, 2021
CVE-2021-28899Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 St...7.5Apr 29, 2021
CVE-2020-24027In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time.9.8Jan 11, 2021
CVE-2019-15232Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 an...9.8Aug 19, 2019