Filtered by vendor Videolan
Subscribe
Total
127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1684 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 4.3 MEDIUM | N/A |
| The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file. | |||||
| CVE-2016-5108 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file. | |||||
| CVE-2010-1444 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 7.5 HIGH | N/A |
| The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive. | |||||
| CVE-2016-3941 | 2 Canonical, Videolan | 2 Ubuntu Linux, Vlc Media Player | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." | |||||
| CVE-2015-5949 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 6.8 MEDIUM | N/A |
| VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers. | |||||
| CVE-2010-1445 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session. | |||||
| CVE-2014-9598 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 6.8 MEDIUM | N/A |
| The picture_Release function in misc/picture.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (write access violation) via a crafted M2V file. | |||||
| CVE-2014-9597 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 6.8 MEDIUM | N/A |
| The picture_pool_Delete function in misc/picture_pool.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (DEP violation and application crash) via a crafted FLV file. | |||||
| CVE-2010-1441 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder. | |||||
| CVE-2014-9743 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info. | |||||
| CVE-2011-3623 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c. | |||||
| CVE-2010-2062 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 7.5 HIGH | N/A |
| Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header. | |||||
| CVE-2014-3441 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 4.3 MEDIUM | N/A |
| codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file. | |||||
| CVE-2010-1443 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 5.0 MEDIUM | N/A |
| The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document. | |||||
| CVE-2013-7340 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 4.3 MEDIUM | N/A |
| VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. | |||||
| CVE-2010-1442 | 1 Videolan | 1 Vlc Media Player | 2025-04-12 | 7.5 HIGH | N/A |
| VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer. | |||||
| CVE-2011-0531 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 9.3 HIGH | N/A |
| demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro. | |||||
| CVE-2011-2588 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file. | |||||
| CVE-2010-3124 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file. | |||||
| CVE-2012-0904 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 4.3 MEDIUM | N/A |
| VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. | |||||