Gomlab

gomlab

13 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Gom Media Player

gom_media_player

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-53875 1Gomlab 1Gom Player Dec 18, 2025 Dec 15, 2025 7.5 HIGH· v4 8.8 HIGH· v3 N/A· v2 GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malici...Show more GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction.Show less
CVE-2023-53874 1Gomlab 1Gom Player Dec 18, 2025 Dec 15, 2025 6.7 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to...Show more GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability.Show less
CVE-2017-5881 1Gomlab 1Gom Player May 13, 2026 Feb 21, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file.
CVE-2014-3899 1Gomlab 1Gom Player May 6, 2026 Aug 12, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Gretech GOM Player 2.2.51.5149 and earlier allows remote attackers to cause a denial of service (launch outage) via a crafted image file.
CVE-2014-3216 1Gomlab 1Gom Media Player May 6, 2026 Jun 10, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
CVE-2013-7184 1Gomlab 1Gom Player Apr 29, 2026 Jan 24, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
CVE-2013-5716 1Gomlab 1Gom Player Apr 29, 2026 Sep 9, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.
CVE-2013-5715 1Gomlab 1Gom Player Apr 29, 2026 Sep 9, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.
CVE-2011-5162 1Gomlab 1Gom Player Apr 29, 2026 Sep 15, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-...Show more Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression.Show less
CVE-2012-1774 1Gomlab 1Gom Media Player Apr 29, 2026 Mar 18, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264.
CVE-2012-1264 1Gomlab 1Gom Media Player Apr 29, 2026 Mar 18, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to execute arbitrary code via a crafted AVI file.
CVE-2009-1497 1Gomlab 1Gom Player Apr 23, 2026 May 1, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file.
CVE-2009-1022 1Gomlab 1Gom Encoder Apr 23, 2026 Mar 20, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application cra...Show more Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.Show less