Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
videolan vlc media player vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-14498
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
Videolan Vlc Media Player 3.0.7.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2019-13602
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player up to and including 3.0.7.1 allows remote malicious users to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a craft...
Videolan Vlc Media Player
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
1 Article
6.8
CVSSv2
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Debian Debian Linux 9.0
Videolan Vlc Media Player
1 EDB exploit
1 Article
6.8
CVSSv2
CVE-2018-11516
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.
Videolan Vlc Media Player 3.0.1
Videolan Vlc Media Player 3.0.0
6.8
CVSSv2
CVE-2017-17670
In VideoLAN VLC media player up to and including 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Videolan Vlc Media Player
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2017-9301
plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
Videolan Vlc Media Player
6.8
CVSSv2
CVE-2017-9300
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
Videolan Vlc Media Player
6.8
CVSSv2
CVE-2017-8311
Potential heap based buffer overflow in ParseJSS in VideoLAN VLC prior to 2.2.5 due to skipping NULL terminator in an input string allows malicious users to execute arbitrary code via a crafted subtitles file.
Videolan Vlc Media Player
1 EDB exploit
6.8
CVSSv2
CVE-2015-5949
VideoLAN VLC media player 2.2.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
Videolan Vlc Media Player
6.8
CVSSv2
CVE-2014-9597
The picture_pool_Delete function in misc/picture_pool.c in VideoLAN VLC media player 2.1.5 allows remote malicious users to execute arbitrary code or cause a denial of service (DEP violation and application crash) via a crafted FLV file.
Videolan Vlc Media Player 2.1.5
1 EDB exploit
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »