Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vlc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
Videolan Vlc Media Player
6.5
CVSSv3
CVE-2019-5439
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Videolan Vlc Media Player
NA
CVE-2008-0295
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and previous versions, allows user-assisted remote malicious users to cause a denial of service (crash) or execute arbitrary code via long Session Des...
Videolan Vlc Media Player
1 EDB exploit
5.5
CVSSv3
CVE-2019-13615
libebml prior to 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries prior to 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
Videolan Vlc Media Player
1 Article
9.8
CVSSv3
CVE-2019-12874
An issue exists in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x up to and including 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Videolan Vlc Media Player
NA
CVE-2015-5949
VideoLAN VLC media player 2.2.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2017-9300
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2014-9625
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player prior to 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote malicious users to conduct buffer overflow attacks and execute arbitrary code...
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2014-9628
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player prior to 2.1.6 allows remote malicious users to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7.
Videolan Vlc Media Player
7.8
CVSSv3
CVE-2014-9629
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player prior to 2.1.6 and 2.2.x prior to 2.2.1 allows remote malicious users to conduct buffer overflow attacks and execute arbitrary code via a crafted length value.
Videolan Vlc Media Player
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »