Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vlc vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-47359
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
Videolan Vlc Media Player
9.8
CVSSv3
CVE-2020-6072
An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rr_decode function's return value is not checked, leading to a double free that could be exploited to ex...
Videolabs Libmicrodns 0.1.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2019-13962
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player up to and including 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
1 Article
9.8
CVSSv3
CVE-2019-12874
An issue exists in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x up to and including 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Videolan Vlc Media Player
9.8
CVSSv3
CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x prior to 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution.
Videolan Vlc Media Player 2.2.7
Videolan Vlc Media Player 2.2.4
Videolan Vlc Media Player 2.2.2
Videolan Vlc Media Player 2.2.5.1
Videolan Vlc Media Player 2.2.3
Videolan Vlc Media Player 2.2.6
Videolan Vlc Media Player 2.2.1
Videolan Vlc Media Player 2.2.0
Videolan Vlc Media Player 2.2.5
9.8
CVSSv3
CVE-2014-6440
VideoLAN VLC media player prior to 2.1.5 allows remote malicious users to execute arbitrary code or cause a denial of service.
Videolan Vlc
9.8
CVSSv3
CVE-2016-5108
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player prior to 2.2.4 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Debian Debian Linux 8.0
Videolan Vlc Media Player
1 EDB exploit
9.1
CVSSv3
CVE-2018-19857
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could...
Videolan Vlc Media Player 3.0.4
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-11516
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote malicious users to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.
Videolan Vlc Media Player 3.0.1
Videolan Vlc Media Player 3.0.0
8.8
CVSSv3
CVE-2017-17670
In VideoLAN VLC media player up to and including 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Videolan Vlc Media Player
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »