Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vlc media player vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0522
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 prior to 1.1.6-rc allows remote malicious users to execute arbitrary code via a subtitle with an opening...
Videolan Vlc Media Player 1.1.3
Videolan Vlc Media Player 1.1.4
Videolan Vlc Media Player 1.1.5
Videolan Vlc Media Player 1.1.2
Videolan Vlc Media Player 1.1.0
Videolan Vlc Media Player 1.1.6
Videolan Vlc Media Player 1.1.1
1 EDB exploit
NA
CVE-2008-5036
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x prior to 0.9.6 might allow user-assisted malicious users to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was...
Videolan Vlc Media Player 0.9.0
Videolan Vlc Media Player 0.9.4
Videolan Vlc Media Player 0.9.1
Videolan Vlc Media Player 0.9.5
Videolan Vlc Media Player 0.9.2
Videolan Vlc Media Player 0.9
Videolan Vlc Media Player 0.9.3
2 EDB exploits
NA
CVE-2013-1954
The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.
Videolan Vlc Media Player
Videolan Vlc Media Player 2.0.2
Videolan Vlc Media Player 2.0.1
Videolan Vlc Media Player 2.0.0
Videolan Vlc Media Player 2.0.3
Videolan Vlc Media Player 2.0.4
5.5
CVSSv3
CVE-2017-8310
Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows malicious users to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.
Videolan Vlc Media Player 2.2.4
Videolan Vlc Media Player 2.2.2
Videolan Vlc Media Player 2.2.3
Videolan Vlc Media Player 2.2.1
Videolan Vlc Media Player 2.2.0
Videolan Vlc Media Player 2.2.5
NA
CVE-2012-5855
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and previous versions might allow user-assisted malicious users to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE:...
Videolan Vlc Media Player 2.0.0
Videolan Vlc Media Player 2.0.1
Videolan Vlc Media Player 2.0.3
Videolan Vlc Media Player 2.0.2
Videolan Vlc Media Player
NA
CVE-2013-1868
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and previous versions allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
Videolan Vlc Media Player 2.0.3
Videolan Vlc Media Player 2.0.2
Videolan Vlc Media Player
Videolan Vlc Media Player 2.0.0
Videolan Vlc Media Player 2.0.1
1 EDB exploit
NA
CVE-2008-4654
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 up to and including 0.9.4 allows remote malicious users to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
Videolan Vlc Media Player 0.9.4
Videolan Vlc Media Player 0.9.1
Videolan Vlc Media Player 0.9.2
Videolan Vlc Media Player 0.9
Videolan Vlc Media Player 0.9.3
3 EDB exploits
4 Github repositories
NA
CVE-2008-4686
Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote malicious users to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
Videolan Vlc Media Player 0.9.0
Videolan Vlc Media Player 0.9.4
Videolan Vlc Media Player 0.9.1
Videolan Vlc Media Player 0.9.2
Videolan Vlc Media Player 0.9.3
2 EDB exploits
NA
CVE-2007-6262
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 prior to 0.8.6d allows remote malicious users to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka...
Videolan Vlc Media Player 0.8.6b
Videolan Vlc Media Player 0.8.6
Videolan Vlc Media Player 0.8.6a
1 EDB exploit
8.8
CVSSv3
CVE-2018-11516
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.
Videolan Vlc Media Player 3.0.1
Videolan Vlc Media Player 3.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »