Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vlc media player vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2014-9630
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player prior to 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote malicious users to cause a denial of service (memory corruption) ...
Videolan Vlc Media Player
NA
CVE-2014-9743
Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player prior to 2.2.0 allows remote malicious users to inject arbitrary web script or HTML via the path info.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2017-9300
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2017-9301
plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
Videolan Vlc Media Player
6.5
CVSSv3
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
9.8
CVSSv3
CVE-2019-12874
An issue exists in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x up to and including 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Videolan Vlc Media Player
NA
CVE-2015-5949
VideoLAN VLC media player 2.2.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
Videolan Vlc Media Player
9.8
CVSSv3
CVE-2023-47359
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
Videolan Vlc Media Player
7.5
CVSSv3
CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2017-8311
Potential heap based buffer overflow in ParseJSS in VideoLAN VLC prior to 2.2.5 due to skipping NULL terminator in an input string allows malicious users to execute arbitrary code via a crafted subtitles file.
Videolan Vlc Media Player
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »