Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vlc media player vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-5460
Double Free in VLC versions <= 3.0.6 leads to a crash.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
7.1
CVSSv3
CVE-2019-5459
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
Videolan Vlc Media Player
Opensuse Backports Sle 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-13962
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player up to and including 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
1 Article
5.5
CVSSv3
CVE-2019-13615
libebml prior to 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries prior to 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
Videolan Vlc Media Player
1 Article
7.8
CVSSv3
CVE-2019-13602
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player up to and including 3.0.7.1 allows remote malicious users to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a craft...
Videolan Vlc Media Player
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
1 Article
9.8
CVSSv3
CVE-2019-12874
An issue exists in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x up to and including 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Videolan Vlc Media Player
6.5
CVSSv3
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
6.6
CVSSv3
CVE-2018-19937
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app prior to 3.1.5 for iOS by opening a URL and turning the phone.
Videolan Vlc For Mobile
9.1
CVSSv3
CVE-2018-19857
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could...
Videolan Vlc Media Player 3.0.4
Debian Debian Linux 9.0
8
CVSSv3
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Debian Debian Linux 9.0
Videolan Vlc Media Player
1 EDB exploit
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »