Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-14535
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 10.0
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2019-14438
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote malicious users to trigger a heap-based buffer over-read via a crafted .ogg file.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Article
4.3
CVSSv2
CVE-2019-5460
Double Free in VLC versions <= 3.0.6 leads to a crash.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
5.8
CVSSv2
CVE-2019-5459
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
Videolan Vlc Media Player
Opensuse Backports Sle 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.0
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2019-13962
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player up to and including 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
1 Article
4.3
CVSSv2
CVE-2019-13615
libebml prior to 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries prior to 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
Videolan Vlc Media Player
1 Article
6.8
CVSSv2
CVE-2019-13602
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player up to and including 3.0.7.1 allows remote malicious users to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a craft...
Videolan Vlc Media Player
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
1 Article
7.5
CVSSv2
CVE-2019-12874
An issue exists in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x up to and including 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Videolan Vlc Media Player
4.3
CVSSv2
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
4.6
CVSSv2
CVE-2018-19937
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app prior to 3.1.5 for iOS by opening a URL and turning the phone.
Videolan Vlc For Mobile
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »