Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
player vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2022-35978
Minetest is a free open-source voxel game engine with easy modding and game creation. In **single player**, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua enviro...
Minetest Minetest
9.8
CVSSv3
CVE-2024-1061
The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'get_view' function.
Bplugins Html5 Video Player
9.8
CVSSv3
CVE-2023-47359
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
Videolan Vlc Media Player
9.8
CVSSv3
CVE-2022-36246
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions.
Shopbeat Shop Beat Media Player
9.8
CVSSv3
CVE-2023-27105
A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch OS v3.3 allows malicious users to arbitrarily read, delete, or modify any critical system files via dir...
Shanling Eddict Player 2.1.3
Shanling Mtouch Os 3.3
1 Github repository
9.8
CVSSv3
CVE-2012-10011
A vulnerability was found in HD FLV PLayer Plugin up to 1.7 on WordPress. It has been rated as critical. Affected by this issue is the function hd_add_media/hd_update_media of the file functions.php. The manipulation of the argument name leads to sql injection. The attack may be ...
Contus Hd Flv Player
9.8
CVSSv3
CVE-2023-1479
A vulnerability classified as critical has been found in SourceCodester Simple Music Player 1.0. Affected is an unknown function of the file save_music.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The e...
Simple Music Player Project Simple Music Player 1.0
9.8
CVSSv3
CVE-2022-43256
SeaCms before v12.6 exists to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
Seacms Seacms
9.8
CVSSv3
CVE-2022-32270
In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder (DLL planting could also occur).
Realnetworks Realplayer 20.0.8.310
Realnetworks Realplayer 20.0.7.309
9.8
CVSSv3
CVE-2022-32269
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.
Realnetworks Realplayer 20.0.8.310
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »