Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vlc media player vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2019-5459
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
Videolan Vlc Media Player
Opensuse Backports Sle 15.0
Opensuse Backports Sle-15
Opensuse Leap 15.0
Opensuse Leap 15.1
6.6
CVSSv3
CVE-2018-19937
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app prior to 3.1.5 for iOS by opening a URL and turning the phone.
Videolan Vlc For Mobile
6.5
CVSSv3
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
6.1
CVSSv3
CVE-2013-3565
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player prior to 2.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xm...
Videolan Vlc Media Player
Opensuse Opensuse 13.1
5.5
CVSSv3
CVE-2019-14534
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2019-5460
Double Free in VLC versions <= 3.0.6 leads to a crash.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle-15
5.5
CVSSv3
CVE-2019-13615
libebml prior to 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries prior to 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
Videolan Vlc Media Player
1 Article
5.5
CVSSv3
CVE-2017-8310
Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows malicious users to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.
Videolan Vlc Media Player 2.2.4
Videolan Vlc Media Player 2.2.2
Videolan Vlc Media Player 2.2.3
Videolan Vlc Media Player 2.2.1
Videolan Vlc Media Player 2.2.0
Videolan Vlc Media Player 2.2.5
5.5
CVSSv3
CVE-2017-8312
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows malicious users to read heap uninitialized data via a crafted subtitles file.
Videolan Vlc Media Player
Debian Debian Linux 8.0
5.5
CVSSv3
CVE-2017-8313
Heap out-of-bound read in ParseJSS in VideoLAN VLC prior to 2.2.5 due to missing check of string termination allows malicious users to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.
Videolan Vlc Media Player
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »