Filtered by vendor Videolan
Subscribe
Total
126 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2484 | 2 Microsoft, Videolan | 2 Windows, Vlc Media Player | 2023-11-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file. | |||||
| CVE-2008-5276 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 9.3 HIGH | N/A |
| Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow. | |||||
| CVE-2008-5036 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110. | |||||
| CVE-2008-5032 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036. | |||||
| CVE-2008-4686 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 9.3 HIGH | N/A |
| Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654. | |||||
| CVE-2008-4654 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value. | |||||
| CVE-2008-2147 | 1 Videolan | 1 Vlc | 2023-11-07 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory. | |||||
| CVE-2008-1769 | 1 Videolan | 1 Vlc | 2023-11-07 | 6.8 MEDIUM | N/A |
| VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption. | |||||
| CVE-2018-11516 | 1 Videolan | 1 Vlc Media Player | 2023-03-03 | 6.8 MEDIUM | 8.8 HIGH |
| The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file. | |||||
| CVE-2019-5460 | 2 Opensuse, Videolan | 3 Backports, Leap, Vlc Media Player | 2023-03-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Double Free in VLC versions <= 3.0.6 leads to a crash. | |||||
| CVE-2020-26664 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2023-02-03 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | |||||
| CVE-2022-41325 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2022-12-08 | N/A | 7.8 HIGH |
| An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. | |||||
| CVE-2021-25802 | 1 Videolan | 1 Vlc Media Player | 2022-05-03 | 5.8 MEDIUM | 7.1 HIGH |
| A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. | |||||
| CVE-2021-25803 | 1 Videolan | 1 Vlc Media Player | 2022-05-03 | 5.8 MEDIUM | 7.1 HIGH |
| A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. | |||||
| CVE-2021-25801 | 1 Videolan | 1 Vlc Media Player | 2022-05-03 | 5.8 MEDIUM | 7.1 HIGH |
| A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. | |||||
| CVE-2019-5459 | 2 Opensuse, Videolan | 4 Backports, Backports Sle, Leap and 1 more | 2021-11-03 | 5.8 MEDIUM | 7.1 HIGH |
| An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. | |||||
| CVE-2021-25804 | 1 Videolan | 1 Vlc Media Player | 2021-08-04 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application. | |||||
| CVE-2019-14437 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file. | |||||
| CVE-2019-18278 | 2 Microsoft, Videolan | 2 Windows, Vlc Media Player | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this issue. | |||||
| CVE-2019-14970 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | |||||