Search Results (128 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-4388 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2013-6283 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.
CVE-2010-3124 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.
CVE-2010-3275 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
CVE-2010-3907 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.
CVE-2012-5855 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction.
CVE-2011-1087 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.
CVE-2012-0023 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.
CVE-2011-2587 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.
CVE-2011-2588 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.
CVE-2011-1931 3 Ffmpeg, Libav, Videolan 4 Ffmpeg, Libavcodec, Libav and 1 more 2025-04-11 N/A
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
CVE-2023-46814 2 Microsoft, Videolan 2 Windows, Vlc Media Player 2024-11-21 7.8 High
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
CVE-2021-25804 1 Videolan 1 Vlc Media Player 2024-11-21 7.5 High
A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.
CVE-2021-25803 1 Videolan 1 Vlc Media Player 2024-11-21 7.1 High
A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
CVE-2021-25802 1 Videolan 1 Vlc Media Player 2024-11-21 7.1 High
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
CVE-2021-25801 1 Videolan 1 Vlc Media Player 2024-11-21 7.1 High
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
CVE-2020-26664 2 Debian, Videolan 2 Debian Linux, Vlc Media Player 2024-11-21 7.8 High
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
CVE-2020-13428 2 Debian, Videolan 2 Debian Linux, Vlc Media Player 2024-11-21 7.8 High
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
CVE-2019-5460 2 Opensuse, Videolan 3 Backports, Leap, Vlc Media Player 2024-11-21 5.5 Medium
Double Free in VLC versions <= 3.0.6 leads to a crash.
CVE-2019-5459 2 Opensuse, Videolan 4 Backports, Backports Sle, Leap and 1 more 2024-11-21 7.1 High
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.