Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vlc media player vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2014-9630
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player prior to 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote malicious users to cause a denial of service (memory corruption) ...
Videolan Vlc Media Player
NA
CVE-2014-9743
Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player prior to 2.2.0 allows remote malicious users to inject arbitrary web script or HTML via the path info.
Videolan Vlc Media Player
NA
CVE-2007-3467
Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player prior to 0.8.6c allows remote malicious users to cause a denial of service (crash) via a WAV file with a large sample rate.
Videolan Vlc Media Player
NA
CVE-2008-0984
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and previous versions, as used in Miro Player 1.1 and previous versions, allows remote malicious users to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
Miro Miro Player
Videolan Vlc Media Player
1 EDB exploit
NA
CVE-2012-2396
VideoLAN VLC media player 2.0.1 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file.
Videolan Vlc Media Player 2.0.1
1 EDB exploit
NA
CVE-2007-0256
VideoLAN VLC 0.8.6a allows remote malicious users to cause a denial of service (application crash) via a crafted .wmv file.
Videolan Vlc Media Player 0.8.6a
2 EDB exploits
7.1
CVSSv3
CVE-2021-25802
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows malicious users to cause an out-of-bounds read via a crafted .avi file.
Videolan Vlc Media Player 3.0.11
7.5
CVSSv3
CVE-2021-25804
A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.
Videolan Vlc Media Player 3.0.11
1 Github repository
NA
CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote malicious users to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.
Videolan Vlc Media Player 0.9.2
1 EDB exploit
NA
CVE-2009-1045
requests/status.xml in VLC 0.9.8a allows remote malicious users to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.
Videolan Vlc Media Player 0.9.8a
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »