Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vlc media player vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player up to and including 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
Videolan Vlc Media Player
Debian Debian Linux 11.0
685
VMScore
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Debian Debian Linux 9.0
Videolan Vlc Media Player
1 EDB exploit
1 Article
605
VMScore
CVE-2017-17670
In VideoLAN VLC media player up to and including 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Videolan Vlc Media Player
Debian Debian Linux 9.0
383
VMScore
CVE-2016-3941
Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player prior to 2.2.0 allows remote malicious users to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF."
Videolan Vlc Media Player
Canonical Ubuntu Linux 14.04
755
VMScore
CVE-2016-5108
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player prior to 2.2.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Debian Debian Linux 8.0
Videolan Vlc Media Player
1 EDB exploit
383
VMScore
CVE-2017-8312
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows malicious users to read heap uninitialized data via a crafted subtitles file.
Videolan Vlc Media Player
Debian Debian Linux 8.0
570
VMScore
CVE-2018-19857
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could...
Videolan Vlc Media Player 3.0.4
Debian Debian Linux 9.0
605
VMScore
CVE-2020-26664
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows malicious users to trigger a heap-based buffer overflow via a crafted .mkv file.
Videolan Vlc Media Player
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2020-13428
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player prior to 3.0.11 for macOS/iOS allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264...
Videolan Vlc Media Player
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2019-14535
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »