Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2019-18278
When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no w...
Videolan Vlc Media Player 3.0.8
5
CVSSv2
CVE-2007-6683
The browser plugin in VideoLAN VLC 0.8.6d allows remote malicious users to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
Videolan Vlc 0.8.6d
9.3
CVSSv2
CVE-2009-2484
Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a l...
Videolan Vlc Media Player 0.9.9
2 EDB exploits
6.8
CVSSv2
CVE-2008-1881
Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote malicious users to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681.
Videolan Vlc 0.8.6e
2 EDB exploits
9.3
CVSSv2
CVE-2008-2430
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote malicious users to execute arbitrary code via a large fmt chunk in a WAV file.
Videolan Vlc Media Player 0.8.6h
5
CVSSv2
CVE-2007-6684
The RTSP module in VideoLAN VLC 0.8.6d allows remote malicious users to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
Videolan Vlc 0.8.6d
6.8
CVSSv2
CVE-2008-1489
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability tha...
Videolan Vlc 0.8.6e
1 EDB exploit
6.8
CVSSv2
CVE-2019-19721
An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player prior to 3.0.9 allows remote malicious users to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product.
Videolan Vlc Media Player
6.8
CVSSv2
CVE-2017-9300
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
Videolan Vlc Media Player
6.8
CVSSv2
CVE-2017-9301
plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
Videolan Vlc Media Player
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »