Lucene search
K

783 matches found

CNVD
CNVD
added 2019/08/21 12:0 a.m.6 views

VideoLAN VLC media player code issue vulnerability

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A code issue...

5.5CVSS7.1AI score0.01429EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/31 12:0 a.m.5 views

VideoLAN VLC media player integer overflow vulnerability

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. An integer...

7.1CVSS7AI score0.02812EPSS
Exploits1References1
ThreatPost
ThreatPost
added 2019/07/23 2:39 p.m.106 views

Update: VLC Media Player Plagued By Unpatched Critical RCE Flaw

UPDATE After a German security agency reported a critical vulnerability existed in VLC open-source media player that could enable remote code execution and other malicious actions, the developers of VLC said that the media player is not vulnerable. The VLC media player, developed by the VideoLAN...

4.3CVSS0.2AI score0.02492EPSS
Exploits1References11
Prion
Prion
added 2019/07/18 8:15 p.m.23 views

Heap overflow

lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...

7.5CVSS9.4AI score0.036EPSS
Exploits1References13Affected Software5
CVE
CVE
added 2019/07/18 7:58 p.m.249 views

CVE-2019-13962

CVE-2019-13962 affects VLC

9.8CVSS9.3AI score0.036EPSS
Exploits1References13Affected Software1
AlpineLinux
AlpineLinux
added 2019/07/18 7:58 p.m.36 views

CVE-2019-13962

lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...

9.8CVSS9.6AI score0.036EPSS
Exploits1
OSV
OSV
added 2019/07/18 12:0 a.m.1 views

UBUNTU-CVE-2019-13962

lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...

9.8CVSS7.3AI score0.036EPSS
Exploits1References3
OSV
OSV
added 2019/07/16 5:15 p.m.4 views

ALPINE-CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS7.2AI score0.02492EPSS
Exploits1References1
Prion
Prion
added 2019/07/16 5:15 p.m.15 views

Heap overflow

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

4.3CVSS5.5AI score0.02492EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCve
added 2019/07/16 12:0 a.m.20 views

CVE-2019-13615

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement...

5.5CVSS6.2AI score0.02492EPSS
Exploits1References2
CVE
CVE
added 2019/06/18 5:53 p.m.346 views

CVE-2019-12874

CVE-2019-12874 affects VLC media player 3.x up to 3.0.7. The Matroska demuxer’s MKV parser has a double free in zlib_decompress_extra, with related MKV processing flaws that can, per advisory texts, lead to a crash or possibly arbitrary code execution. Some sources also describe related DoS risk....

9.8CVSS8AI score0.02392EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/06/18 12:0 a.m.35 views

VLC zlib_decompress_extra Double Free Vulnerability

VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...

9.8CVSS0.3AI score0.02392EPSS
Exploits0References9
OSV
OSV
added 2019/06/18 12:0 a.m.1 views

UBUNTU-CVE-2019-12874

An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free...

9.8CVSS7.4AI score0.02392EPSS
Exploits0References3
CNVD
CNVD
added 2019/06/13 12:0 a.m.4 views

VideoLAN VLC media player buffer overflow vulnerability (CNVD-2019-25509)

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A buffer overflo...

6.5CVSS7.3AI score0.05295EPSS
Exploits0References1
OSV
OSV
added 2019/06/13 12:0 a.m.5 views

UBUNTU-CVE-2019-5439

A Buffer Overflow in VLC Media Player 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit...

6.5CVSS7.8AI score0.05295EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2019/06/10 2:51 p.m.168 views

VLC Player Gets Patched for Two High-Severity Bugs

Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bound write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out to the media player a...

7.7AI score
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2019/02/05 12:0 a.m.5 views

The vulnerability of the ReadRealIndex function in the Real demuxer plugin of the VideoLAN VLC media player allows a hacker to execute arbitrary code.

The vulnerability of the ReadRealIndex function in the Real demuxer plugin of the VideoLAN VLC media player is due to a numerical overflow that causes a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious RealMedia .rm fi...

9.3CVSS6.5AI score0.07842EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2018/12/31 4:29 p.m.15 views

CVE-2018-19937

A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone...

6.6CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added 2018/12/31 4:0 p.m.23 views

CVE-2018-19937

A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone...

6.2AI score0.0033EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2018/12/31 4:0 p.m.6 views

CVE-2018-19937

A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone...

6.2AI score0.0033EPSS
Exploits0References2
Rows per page
Query Builder