Videolan (videolan)

127 CVEs • 5 products

Products (5)

Vlc (vlc)
Dav1d (dav1d)
Vlc For Mobile (vlc_for_mobile)
Libbluray (libbluray)

CVEs (127)

CVE | VENDORS | PRODUCTS | UPDATED | PUBLISHED | CVSS

Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jan 24, 2020
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability.

Vendors (4): Debian, Fedoraproject, Redhat, +1 more
Products (4): Debian Linux, Enterprise Linux, Fedora, +1 more
Updated: Nov 21, 2024
Published: Nov 22, 2019
CVSS: N/A (v4), 4.7 MEDIUM (v3), 3.3 LOW (v2)
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files

Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Oct 23, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 4.6 MEDIUM (v2)
When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this issue.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 5.5 MEDIUM (v3), 4.3 MEDIUM (v2)
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.

Vendors (2): Debian, Videolan
Products (2): Debian Linux, Vlc Media Player
Updated: Nov 21, 2024
Published: Aug 29, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.

Vendors (2): Opensuse, Videolan
Products (3): Backports, Leap, Vlc Media Player
Updated: Nov 21, 2024
Published: Jul 30, 2019
CVSS: N/A (v4), 5.5 MEDIUM (v3), 4.3 MEDIUM (v2)
Double Free in VLC versions <= 3.0.6 leads to a crash.

Vendors (2): Opensuse, Videolan
Products (4): Backports, Backports Sle, Leap, +1 more
Updated: Nov 21, 2024
Published: Jul 30, 2019
CVSS: N/A (v4), 7.1 HIGH (v3), 5.8 MEDIUM (v2)
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

Vendors (4): Canonical, Debian, Opensuse, +1 more
Products (5): Backports Sle, Debian Linux, Leap, +2 more
Updated: Nov 21, 2024
Published: Jul 18, 2019
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.

Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jul 16, 2019
CVSS: N/A (v4), 5.5 MEDIUM (v3), 4.3 MEDIUM (v2)
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.

Vendors (4): Canonical, Debian, Opensuse, +1 more
Products (5): Backports Sle, Debian Linux, Leap, +2 more
Updated: Nov 21, 2024
Published: Jul 14, 2019
CVSS: N/A (v4), 7.8 HIGH (v3), 6.8 MEDIUM (v2)
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.

Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jun 18, 2019
CVSS: N/A (v4), 9.8 CRITICAL (v3), 7.5 HIGH (v2)
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.

Vendors (1): Videolan
Products (1): Vlc Media Player
Updated: Nov 21, 2024
Published: Jun 13, 2019
CVSS: N/A (v4), 6.5 MEDIUM (v3), 4.3 MEDIUM (v2)
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.