Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vlc media player vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
NA
CVE-2007-3467
Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player prior to 0.8.6c allows remote malicious users to cause a denial of service (crash) via a WAV file with a large sample rate.
Videolan Vlc Media Player
NA
CVE-2007-3468
input.c in VideoLAN VLC Media Player prior to 0.8.6c allows remote malicious users to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.
Videolan Vlc Media Player
NA
CVE-2015-5949
VideoLAN VLC media player 2.2.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2017-8311
Potential heap based buffer overflow in ParseJSS in VideoLAN VLC prior to 2.2.5 due to skipping NULL terminator in an input string allows malicious users to execute arbitrary code via a crafted subtitles file.
Videolan Vlc Media Player
1 EDB exploit
5.5
CVSSv3
CVE-2017-8313
Heap out-of-bound read in ParseJSS in VideoLAN VLC prior to 2.2.5 due to missing check of string termination allows malicious users to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.
Videolan Vlc Media Player
5.3
CVSSv3
CVE-2013-3564
The web interface in VideoLAN VLC media player prior to 2.0.7 has no access control which allows remote malicious users to view directory listings via the 'dir' command or issue other commands without authenticating.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2014-9625
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player prior to 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote malicious users to conduct buffer overflow attacks and execute arbitrary code...
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2014-9626
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player prior to 2.1.6 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2014-9627
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player prior to 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote malicious users to cause a denial of service or possibly have unspecified ...
Videolan Vlc Media Player
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »