Lucene search
K

783 matches found

BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.4 views

The vulnerability of the xiph_SplitHeaders function in the VideoLAN VLC media player software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the xiphSplitHeaders function in the VideoLAN VLC media player’s modules/demux/xiph.h file relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

9.3CVSS7.2AI score0.01504EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.5 views

The vulnerability of the SeekPercent function in the VideoLAN VLC media player’s demux/asf.c file allows a hacker to cause a service failure.

The vulnerability of the SeekPercent function in the VideoLAN VLC media player’s demux/asf.c file is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service failure remotely...

7.1CVSS6.5AI score0.01429EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.5 views

The vulnerability of the lavc_CopyPicture function in the VideoLAN VLC media player software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the lavcCopyPicture function module/codec/avcodec/video.c in the Media Player VideoLAN VLC application is related to a buffer overflow vulnerability in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...

10CVSS7.5AI score0.036EPSS
Exploits1References12Affected Software5
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.23 views

CVE-2019-13962 avcodec lavc_CopyPicture Heap Buffer Overflow

VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...

9.8CVSS0.036EPSS
Exploits1References1
CNVD
CNVD
added 2020/02/12 12:0 a.m.2 views

VideoLAN VLC Media Player Cross-Site Scripting Vulnerability (CNVD-2020-08120)

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A cross-site...

6.1CVSS6.4AI score0.01583EPSS
Exploits1References1
OSV
OSV
added 2020/02/06 10:15 p.m.6 views

DEBIAN-CVE-2013-3564

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...

5.3CVSS5.8AI score0.01112EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/02/06 10:15 p.m.25 views

CVE-2013-3564

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...

5.3CVSS6.1AI score0.01112EPSS
Exploits0References3
OSV
OSV
added 2020/02/06 10:15 p.m.4 views

UBUNTU-CVE-2013-3564

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...

5.3CVSS6.1AI score0.01112EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2020/02/06 9:49 p.m.18 views

CVE-2013-3564

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...

5.3CVSS5.5AI score0.01112EPSS
Exploits0
NVD
NVD
added 2020/01/31 10:15 p.m.17 views

CVE-2013-3565

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

6.1CVSS6.3AI score0.01583EPSS
Exploits1References4
OSV
OSV
added 2020/01/31 10:15 p.m.3 views

DEBIAN-CVE-2013-3565

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

6.1CVSS6.1AI score0.01583EPSS
Exploits1References1
OSV
OSV
added 2020/01/31 10:15 p.m.5 views

CVE-2013-3565

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

6.1CVSS6.2AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/01/31 10:15 p.m.36 views

CVE-2013-3565

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

6.1CVSS6.4AI score0.01583EPSS
Exploits1References2
Prion
Prion
added 2020/01/31 10:15 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

4.3CVSS6.2AI score0.01583EPSS
Exploits1References4Affected Software2
CVE
CVE
added 2020/01/31 9:39 p.m.168 views

CVE-2013-3565

CVE-2013-3565 affects VideoLAN VLC Media Player through its HTTP Interface, with multiple XSS vulnerabilities in the web UI. Versions prior to 2.0.7 are affected. An attacker can craft requests to the HTTP endpoints (requests/vlm_cmd.xml, requests/browse.xml) or include a URI in a request, which ...

6.1CVSS6.1AI score0.01583EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2020/01/31 9:39 p.m.16 views

CVE-2013-3565

Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...

6.1CVSS6.3AI score0.01583EPSS
Exploits1
OSV
OSV
added 2020/01/24 10:15 p.m.4 views

DEBIAN-CVE-2014-9627

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large bo...

7.8CVSS7AI score0.01124EPSS
Exploits0References1
OSV
OSV
added 2020/01/24 10:15 p.m.4 views

DEBIAN-CVE-2014-9628

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7...

7.8CVSS7.4AI score0.02162EPSS
Exploits0References1
OSV
OSV
added 2020/01/24 10:15 p.m.6 views

CVE-2014-9626

Integer underflow in the MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7...

7.8CVSS8.1AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2020/01/24 10:15 p.m.27 views

CVE-2014-9625

The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update...

7.8CVSS7.4AI score0.02385EPSS
Exploits0References2
Rows per page
Query Builder