Filtered by vendor Videolan
Subscriptions
Total
126 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1775 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. | ||||
| CVE-2012-0904 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. | ||||
| CVE-2012-0023 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file. | ||||
| CVE-2013-6934 | 2 Live555, Videolan | 2 Streaming Media, Vlc Media Player | 2024-08-06 | N/A |
| The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6933. | ||||
| CVE-2013-6283 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file. | ||||
| CVE-2013-4388 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-3564 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 5.3 Medium |
| The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating. | ||||
| CVE-2013-3565 | 2 Opensuse, Videolan | 2 Opensuse, Vlc Media Player | 2024-08-06 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua. | ||||
| CVE-2013-1954 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read. | ||||
| CVE-2013-1868 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. | ||||
| CVE-2014-9628 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 7.8 High |
| The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7. | ||||
| CVE-2014-9630 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 7.8 High |
| The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value. | ||||
| CVE-2014-9629 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 7.8 High |
| Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value. | ||||
| CVE-2014-9625 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 7.8 High |
| The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability. | ||||
| CVE-2014-9627 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 7.8 High |
| The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size. | ||||
| CVE-2014-9626 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 7.8 High |
| Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7. | ||||
| CVE-2014-9597 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| The picture_pool_Delete function in misc/picture_pool.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (DEP violation and application crash) via a crafted FLV file. | ||||
| CVE-2014-9598 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| The picture_Release function in misc/picture.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (write access violation) via a crafted M2V file. | ||||
| CVE-2014-6440 | 1 Videolan | 1 Vlc | 2024-08-06 | N/A |
| VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service. | ||||
| CVE-2014-3441 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | N/A |
| codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file. | ||||