SUSE CVE-2013-3245

plugins/demux/libmkvplugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer...

CVE-2025-65406

LIVE555 Streaming Media 2018.09.02 contains a heap overflow in MatroskaFile::createRTPSinkForTrackNumber(), which can be triggered by supplying a crafted MKV file to cause a Denial of Service. Public sources in the connected docs consistently reference this CVE-2025-65406 and describe DoS impact;...

EUVD-2019-19083

Malware in sbrugna...

EUVD-2010-4343

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-14970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv fil...

CVE-2024-49777

A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service DoS, Information Disclosure and Code Execution via a crafted MKV video file...

tsMuxer 安全漏洞

tsMuxer is a transport stream multiplexer for remixing/multiplexing elementary streams by Dan's personal developer. A security vulnerability exists in version tsMuxer nightly-2024-03-14-01-51-12, which stems from the presence of a buffer overflow that allows an attacker to cause a denial of...

SUSE CVE-2011-3019

Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video aka MKV file...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuitry including primarily semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A buffer error vulnerability exists in Qualcomm that originates fr...

PT-2022-15229 · Qualcomm · Snapdragon Connectivity +7

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions affected versions not specified Description: The issue is related to memory corruption in video due to a buffer overflow that occurs while parsing an mkv clip with no code checker. This problem affects various...

多款Qualcomm产品缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A buffer error vulnerability exists in several Qualcomm products,...

USN-4805-1 vlc vulnerabilities

It was discovered that VLC mishandled certain crafted media files. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2017-10699 It was discovered that VLC mishandled certain crafted MKV...

DEBIAN-CVE-2020-26664

A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

PT-2020-3001 · Microsoft · Windows Codecs Library

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Codecs Library affected versions not specified Description: A remote code execution issue exists due to errors in handling objects in memory. This can be exploited by an attacker to execute arbitrary code using a specially...

Stack overflow

DISPUTED A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence o...

UBUNTU-CVE-2019-9719

DISPUTED A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence o...

DEBIAN-CVE-2019-14776

A heap-based buffer over-read exists in DemuxInit in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file...

DEBIAN-CVE-2019-9718

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

CVE-2019-9718

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

UBUNTU-CVE-2018-11529

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...