Vlc Media Player

vlc_media_player

Vendor: Videolan • 113 CVEs

CVEs (113)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 5.5 MEDIUM; v2 4.3 MEDIUM
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.
Vendors (2): Opensuse, Videolan
Products (3): Backports, Leap, Vlc Media Player
Updated: Nov 21, 2024
Published: Jul 30, 2019
CVSS: v4 N/A; v3 5.5 MEDIUM; v2 4.3 MEDIUM
Double Free in VLC versions <= 3.0.6 leads to a crash.
Vendors (2): Opensuse, Videolan
Products (4): Backports, Backports Sle, Leap, +1 more
Updated: Nov 21, 2024
Published: Jul 30, 2019
CVSS: v4 N/A; v3 7.1 HIGH; v2 5.8 MEDIUM
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
Vendors (4): Canonical, Debian, Opensuse, +1 more
Products (5): Backports Sle, Debian Linux, Leap, +2 more
Updated: Nov 21, 2024
Published: Jul 18, 2019
CVSS: v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jul 16, 2019
CVSS: v4 N/A; v3 5.5 MEDIUM; v2 4.3 MEDIUM
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
Vendors (4): Canonical, Debian, Opensuse, +1 more
Products (5): Backports Sle, Debian Linux, Leap, +2 more
Updated: Nov 21, 2024
Published: Jul 14, 2019
CVSS: v4 N/A; v3 7.8 HIGH; v2 6.8 MEDIUM
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jun 18, 2019
CVSS: v4 N/A; v3 9.8 CRITICAL; v2 7.5 HIGH
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jun 13, 2019
CVSS: v4 N/A; v3 6.5 MEDIUM; v2 4.3 MEDIUM
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Dec 5, 2018
CVSS: v4 N/A; v3 9.1 CRITICAL; v2 6.4 MEDIUM
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Jul 11, 2018
CVSS: v4 N/A; v3 8.0 HIGH; v2 6.8 MEDIUM
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: May 28, 2018
CVSS: v4 N/A; v3 8.8 HIGH; v2 6.8 MEDIUM
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.