Lucene search
K

783 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:15 a.m.5 views

SUSE CVE-2015-5949

VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers...

6.8CVSS9.5AI score0.13337EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.4 views

SUSE CVE-2016-5108

Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted QuickTime IMA file...

9.8CVSS8.2AI score0.24748EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-8310

Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process causing a denial of service via a crafted subtitles file...

5.5CVSS6.1AI score0.01258EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-8311

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file...

7.8CVSS8.3AI score0.08765EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-8313

Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file...

5.5CVSS6.2AI score0.01481EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.4 views

SUSE CVE-2017-8312

Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file...

5.5CVSS6.1AI score0.01358EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.3 views

SUSE CVE-2017-9300

plugins\codec\libflacplugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service heap corruption and application crash or possibly have unspecified other impact via a crafted FLAC file...

7.8CVSS9.1AI score0.03284EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

8.8CVSS6.9AI score0.02155EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.4 views

SUSE CVE-2018-11529

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8CVSS8.2AI score0.40612EPSS
Exploits10References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.4 views

SUSE CVE-2019-13962

lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...

9.8CVSS8.1AI score0.036EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.2 views

SUSE CVE-2019-14437

The xiphSplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file...

7.8CVSS7.7AI score0.01504EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.3 views

SUSE CVE-2019-14498

A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file...

7.8CVSS7.5AI score0.01517EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.2 views

SUSE CVE-2019-14534

In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack...

5.5CVSS6.3AI score0.01429EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.2 views

SUSE CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

7.8CVSS8AI score0.00649EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.11 views

Ubuntu: Security Advisory (USN-4809-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.01161EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.26 views

Debian DSA-5297-1 : vlc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5297 advisory. - An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to...

7.8CVSS7.8AI score0.00649EPSS
Exploits1References5
OSV
OSV
added 2022/12/06 4:15 p.m.10 views

CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

7.8CVSS7.7AI score0.00649EPSS
Exploits1References4
OSV
OSV
added 2022/12/06 4:15 p.m.2 views

DEBIAN-CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

7.8CVSS7.8AI score0.00649EPSS
Exploits1References1
Prion
Prion
added 2022/12/06 4:15 p.m.18 views

Integer overflow

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

4.4CVSS7.6AI score0.00649EPSS
Exploits1References4Affected Software2
OSV
OSV
added 2022/12/06 4:15 p.m.1 views

UBUNTU-CVE-2022-41325

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions...

7.8CVSS7.4AI score0.00649EPSS
Exploits1References5
Rows per page
Query Builder