Vulnerabilities (CVE)

Filtered by vendor Realnetworks Subscribe
Total 217 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1181 1 Realnetworks 1 Realserver 2024-11-20 5.0 MEDIUM N/A
Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL.
CVE-2000-0474 1 Realnetworks 1 Realserver 2024-11-20 7.8 HIGH N/A
Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory.
CVE-2000-0280 1 Realnetworks 1 Realplayer 2024-11-20 2.6 LOW N/A
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
CVE-2000-0272 1 Realnetworks 1 Realserver 2024-11-20 7.8 HIGH N/A
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070.
CVE-2000-0185 1 Realnetworks 2 Realserver, Realserver G2 2024-11-20 5.0 MEDIUM N/A
RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private.
CVE-2000-0001 1 Realnetworks 1 Realserver 2024-11-20 5.0 MEDIUM N/A
RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.
CVE-1999-1369 1 Realnetworks 1 Realserver 2024-11-20 4.6 MEDIUM N/A
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
CVE-1999-1282 1 Realnetworks 1 Realsystem G2 Server 2024-11-20 4.6 MEDIUM N/A
RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges.
CVE-1999-1045 1 Realnetworks 1 Realserver 2024-11-20 7.8 HIGH N/A
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
CVE-1999-0896 1 Realnetworks 1 Realserver G2 2024-11-20 10.0 HIGH N/A
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.
CVE-2022-32269 1 Realnetworks 1 Realplayer 2024-02-28 7.5 HIGH 9.8 CRITICAL
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.
CVE-2022-32270 1 Realnetworks 1 Realplayer 2024-02-28 7.5 HIGH 9.8 CRITICAL
In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder (DLL planting could also occur).
CVE-2022-32271 1 Realnetworks 1 Realplayer 2024-02-28 6.8 MEDIUM 9.6 CRITICAL
In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. This is an internal URL Protocol used by Real Player to reference a file that contains an URL. It is possible to inject script code to arbitrary domains. It is also possible to reference arbitrary local files.
CVE-2022-32291 1 Realnetworks 1 Realplayer 2024-02-28 6.8 MEDIUM 8.8 HIGH
In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file.
CVE-2018-13121 1 Realnetworks 1 Realone Player 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file.
CVE-2017-9302 1 Realnetworks 1 Realplayer 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp4 file.
CVE-2016-9018 1 Realnetworks 1 Realplayer 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file.