Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vlc media player vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-3794
Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote malicious users to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer ove...
Videolan Vlc Media Player 0.8.6i
1 EDB exploit
7.8
CVSSv2
CVE-2007-0256
VideoLAN VLC 0.8.6a allows remote malicious users to cause a denial of service (application crash) via a crafted .wmv file.
Videolan Vlc Media Player 0.8.6a
2 EDB exploits
7.5
CVSSv2
CVE-2013-6934
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP ...
Live555 Streaming Media 2013-11-26
Videolan Vlc Media Player
4.3
CVSSv2
CVE-2013-3565
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player prior to 2.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xm...
Videolan Vlc Media Player
Opensuse Opensuse 13.1
6.8
CVSSv2
CVE-2017-17670
In VideoLAN VLC media player up to and including 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Videolan Vlc Media Player
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2016-3941
Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player prior to 2.2.0 allows remote malicious users to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF."
Videolan Vlc Media Player
Canonical Ubuntu Linux 14.04
NA
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player up to and including 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
Videolan Vlc Media Player
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2016-5108
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player prior to 2.2.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Debian Debian Linux 8.0
Videolan Vlc Media Player
1 EDB exploit
6.8
CVSSv2
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Debian Debian Linux 9.0
Videolan Vlc Media Player
1 EDB exploit
1 Article
4.3
CVSSv2
CVE-2017-8312
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows malicious users to read heap uninitialized data via a crafted subtitles file.
Videolan Vlc Media Player
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »