Realnetworks

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-4375 1Realnetworks 1Realplayer Apr 29, 2026 Dec 14, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execu...Show more Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via malformed multi-rate data in an audio stream.Show less
CVE-2010-2999 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Dec 14, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or caus...Show more Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file.Show less
CVE-2010-2997 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Dec 14, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other version...Show more Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitle tag in an ICY SHOUTcast stream, related to the SMIL file format.Show less
CVE-2010-2579 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Dec 14, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize t...Show more The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory access" via unknown vectors.Show less
CVE-2010-0125 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Dec 14, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, which has unspecified...Show more RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 do not properly parse spectral data in AAC files, which has unspecified impact and remote attack vectors.Show less
CVE-2010-0121 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Dec 14, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has...Show more The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors.Show less
CVE-2010-3751 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to th...Show more Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler.Show less
CVE-2010-3750 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, wh...Show more rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file.Show less
CVE-2010-3749 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an...Show more The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."Show less
CVE-2010-3748 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via...Show more Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.Show less
CVE-2010-3747 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI,...Show more An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI.Show less
CVE-2010-2998 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malfo...Show more Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue.Show less
CVE-2010-2578 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Oct 19, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file.
CVE-2010-3002 1Realnetworks 1Realplayer Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows attackers to bypass intended access restrictions on files via unknown vectors.
CVE-2010-3001 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors relat...Show more Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors related to "multiple browser windows."Show less
CVE-2010-3000 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FL...Show more Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.Show less
CVE-2010-2996 1Realnetworks 1Realplayer Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to execute arbitrary code via a malformed header in a RealMedia .IVR file.
CVE-2010-0120 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.
CVE-2010-0117 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via c...Show more RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content.Show less
CVE-2010-0116 1Realnetworks 2Realplayer Realplayer Sp Apr 29, 2026 Aug 30, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer...Show more Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow.Show less

Previous 1...567...11 Next