Vulnerabilities (CVE)

Filtered by vendor Videolan Subscribe
Total 126 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1954 1 Videolan 1 Vlc Media Player 2024-11-21 6.8 MEDIUM N/A
The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.
CVE-2013-1868 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
CVE-2012-5855 1 Videolan 1 Vlc Media Player 2024-11-21 4.3 MEDIUM N/A
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction.
CVE-2012-5470 1 Videolan 1 Vlc Media Player 2024-11-21 4.3 MEDIUM N/A
libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.
CVE-2012-3377 1 Videolan 1 Vlc Media Player 2024-11-21 6.8 MEDIUM N/A
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.
CVE-2012-2396 1 Videolan 1 Vlc Media Player 2024-11-21 4.3 MEDIUM N/A
VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file.
CVE-2012-1776 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.
CVE-2012-1775 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
CVE-2012-0904 1 Videolan 1 Vlc Media Player 2024-11-21 4.3 MEDIUM N/A
VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file.
CVE-2012-0023 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.
CVE-2011-3623 1 Videolan 1 Vlc Media Player 2024-11-21 7.5 HIGH N/A
Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c.
CVE-2011-2588 1 Videolan 1 Vlc Media Player 2024-11-21 6.8 MEDIUM N/A
Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.
CVE-2011-2587 1 Videolan 1 Vlc Media Player 2024-11-21 6.8 MEDIUM N/A
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.
CVE-2011-2194 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
CVE-2011-1931 3 Ffmpeg, Libav, Videolan 4 Ffmpeg, Libavcodec, Libav and 1 more 2024-11-21 6.8 MEDIUM N/A
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
CVE-2011-1684 1 Videolan 1 Vlc Media Player 2024-11-21 6.8 MEDIUM N/A
Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.
CVE-2011-1087 1 Videolan 1 Vlc Media Player 2024-11-21 7.6 HIGH N/A
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.
CVE-2011-0531 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.
CVE-2011-0522 1 Videolan 1 Vlc Media Player 2024-11-21 6.8 MEDIUM N/A
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
CVE-2011-0021 1 Videolan 1 Vlc Media Player 2024-11-21 9.3 HIGH N/A
Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.