3689 matches found
CVE-2026-47114
IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...
EUVD-2026-31331
IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...
PT-2026-42532
IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv -prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that...
Astra Linux - уязвимость в vlc
An integer overflow in the VNC module of the VideoLAN VLC Media Player, as of version 3.0.17.4, allows attackers to exploit this vulnerability by tricking users into opening a specially crafted playlist or connecting to a malicious VNC server. This can result in the crash of the VLC player or the...
Unity Linux 20.1070e Security Update: mpv (UTSA-2026-021502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021502 advisory. A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. Tenable has...
Astra Linux - уязвимость в vlc
Videolan VLC prior to version 3.0.20 contains an integer underflow issue that can lead to incorrect packet lengths being displayed...
Astra Linux - уязвимость в vlc
VLC Media Player 3.0.20 and earlier are vulnerable to denial of service due to an integer overflow. This vulnerability can be exploited by a maliciously crafted MMS stream heap-based overflow. If successful, a malicious third party can cause the VLC player to crash or execute arbitrary code with...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from path traversal in the Windows Media Player, where remote host file URLs and UNC-style paths were accept...
Malicious Package
Overview universal-media-player is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
[SECURITY] [DLA 4507-1] vlc security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-4507-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 23, 2026 https://wiki.debian.org/LTS -...
CVE-2026-26228 VLC for Android < 3.7.0 Remote Access Path Traversal
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalizatio...
VideoLAN VLC media player 安全漏洞
VideoLAN VLC Media Player is a free, open-source cross-platform multimedia player developed by the French company VideoLAN. It supports playback of various media formats such as files and discs as well as different audio and video formats e.g., WMV, MP3, etc.. Versions of VideoLAN VLC Media Playe...
VideoLAN VLC media player 安全漏洞
VideoLAN VLC Media Player is a free, open-source cross-platform multimedia player and also a multimedia framework developed by the French company VideoLAN. This product supports playback of various media formats such as files and discs as well as different audio and video formats e.g., WMV, MP3,...
SUSE CVE-2025-51602
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...
UBUNTU-CVE-2025-51602
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...
CVE-2025-51602
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...
CVE-2025-51602
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...
CVE-2025-51602
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...
VideoLAN VLC Media Player buffer error vulnerability
VideoLAN VLC Media Player is a free, open-source cross-platform multimedia player developed by the French company VideoLAN. It is also a multimedia framework. This product supports playback of various media types such as files and discs and various audio/video formats such as WMV and MP3. Version...
CVE-2019-18278
When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqtplugin!vlcentrylicense300f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this...