Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-2430
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote malicious users to execute arbitrary code via a large fmt chunk in a WAV file.
Videolan Vlc Media Player 0.8.6h
5
CVSSv2
CVE-2007-6684
The RTSP module in VideoLAN VLC 0.8.6d allows remote malicious users to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
Videolan Vlc 0.8.6d
6.8
CVSSv2
CVE-2008-1489
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability tha...
Videolan Vlc 0.8.6e
1 EDB exploit
9.3
CVSSv2
CVE-2009-2484
Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a l...
Videolan Vlc Media Player 0.9.9
2 EDB exploits
4.6
CVSSv2
CVE-2019-18278
When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no w...
Videolan Vlc Media Player 3.0.8
6.8
CVSSv2
CVE-2008-1881
Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote malicious users to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681.
Videolan Vlc 0.8.6e
2 EDB exploits
5
CVSSv2
CVE-2007-6683
The browser plugin in VideoLAN VLC 0.8.6d allows remote malicious users to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
Videolan Vlc 0.8.6d
NA
CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
Videolan Vlc Media Player
4.3
CVSSv2
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
4.6
CVSSv2
CVE-2018-19937
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app prior to 3.1.5 for iOS by opening a URL and turning the phone.
Videolan Vlc For Mobile
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »