783 matches found
The vulnerability of the xiph_SplitHeaders function in the VideoLAN VLC media player software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the xiphSplitHeaders function in the VideoLAN VLC media player’s modules/demux/xiph.h file relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the SeekPercent function in the VideoLAN VLC media player’s demux/asf.c file allows a hacker to cause a service failure.
The vulnerability of the SeekPercent function in the VideoLAN VLC media player’s demux/asf.c file is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service failure remotely...
The vulnerability of the lavc_CopyPicture function in the VideoLAN VLC media player software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the lavcCopyPicture function module/codec/avcodec/video.c in the Media Player VideoLAN VLC application is related to a buffer overflow vulnerability in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...
CVE-2019-13962 avcodec lavc_CopyPicture Heap Buffer Overflow
VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...
VideoLAN VLC Media Player Cross-Site Scripting Vulnerability (CNVD-2020-08120)
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A cross-site...
DEBIAN-CVE-2013-3564
The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...
CVE-2013-3564
The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...
UBUNTU-CVE-2013-3564
The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...
CVE-2013-3564
The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating...
CVE-2013-3565
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
DEBIAN-CVE-2013-3565
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
CVE-2013-3565
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
CVE-2013-3565
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
CVE-2013-3565
CVE-2013-3565 affects VideoLAN VLC Media Player through its HTTP Interface, with multiple XSS vulnerabilities in the web UI. Versions prior to 2.0.7 are affected. An attacker can craft requests to the HTTP endpoints (requests/vlm_cmd.xml, requests/browse.xml) or include a URI in a request, which ...
CVE-2013-3565
Multiple cross-site scripting XSS vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the 1 command parameter to requests/vlmcmd.xml, 2 dir parameter to requests/browse.xml, or 3 URI in a request, which ...
DEBIAN-CVE-2014-9627
The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large bo...
DEBIAN-CVE-2014-9628
The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7...
CVE-2014-9626
Integer underflow in the MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7...
CVE-2014-9625
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update...