Lucene search
K

783 matches found

OSV
OSV
added 2018/12/05 12:0 a.m.3 views

UBUNTU-CVE-2018-19857

The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk cast converts a return value to an unsigned int even if that value is negative. This could result in a denial...

9.1CVSS7.3AI score0.03916EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2018/11/30 6:1 p.m.8 views

Bing Warns VLC Media Player Site is ‘Suspicious’ in Likely False-Positive Gaff

Microsoft’s Bing search engine warned its users the official VLC media player website was “suspicious” and dissuaded users from visiting the popular destination, suggesting the site contained “malicious software.” The site is no longer listed as unsafe. In a red warning message presented to users...

0.9AI score
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2018/10/21 12:0 a.m.2 views

VLC Media Player 2.2.8 Vulnerable to Arbitrary Code Execution (CVE-2018-11529)

VideoLAN VLC media player is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

6.8CVSS4.8AI score0.40612EPSS
Exploits10
Packet Storm
Packet Storm
added 2018/10/11 12:0 a.m.256 views

VLC Media Player 2.2.8 MKV Use-After-Free

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...

6.8CVSS0.2AI score0.40612EPSS
Exploits10
UbuntuCve
UbuntuCve
added 2018/07/11 4:29 p.m.27 views

CVE-2018-11529

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8CVSS7.5AI score0.40612EPSS
Exploits10References3
Prion
Prion
added 2018/07/11 4:29 p.m.20 views

Design/Logic Flaw

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

6.8CVSS8.1AI score0.40612EPSS
Exploits10References4Affected Software2
Cvelist
Cvelist
added 2018/07/11 4:0 p.m.27 views

CVE-2018-11529

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8AI score0.40612EPSS
Exploits10References4
CVE
CVE
added 2018/07/11 4:0 p.m.138 views

CVE-2018-11529

VLC media player 2.2.x is affected by a use-after-free vulnerability in the MP4 demuxer that can be triggered by crafted MKV files, enabling arbitrary code execution. In the documented exploitchain, VLC 2.2.8 (and earlier 2.2.x) is at risk, with failures potentially causing denial of service. The...

8CVSS7.9AI score0.40612EPSS
Exploits10References4Affected Software1
Debian CVE
Debian CVE
added 2018/07/11 4:0 p.m.23 views

CVE-2018-11529

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8CVSS8.2AI score0.40612EPSS
Exploits10
FreeBSD
FreeBSD
added 2018/06/06 12:0 a.m.37 views

vlc -- Use after free vulnerability

Mitre reports: VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8CVSS4.2AI score0.40612EPSS
Exploits10References5
CNVD
CNVD
added 2018/05/29 12:0 a.m.24 views

VideoLAN VLC Denial of Service Vulnerability (CNVD-2018-10858)

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. The product supports playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A...

8.8CVSS6.9AI score0.03619EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2018/05/29 12:0 a.m.18 views

VLC Media Player Denial-of-Service Vulnerability (May 2018) - Windows

VLC media player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS6.9AI score0.03619EPSS
Exploits1References1
CVE
CVE
added 2018/05/28 4:0 p.m.81 views

CVE-2018-11516

CVE-2018-11516 affects VideoLAN VLC media player 3.0.1, where the vlc_demux_chained_Delete function in input/demux_chained.c can be triggered by a crafted .swf file to cause a denial of service via heap corruption and application crash. Some sources also describe a potential for remote code execu...

8.8CVSS9AI score0.03619EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2017/12/20 12:0 a.m.70 views

VLC Media Player 'MP4 Demux Module' DoS Vulnerability - Windows

VLC media player is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS8.5AI score0.02155EPSS
Exploits2References2
CNVD
CNVD
added 2017/12/18 12:0 a.m.4 views

VideoLAN VLC media player MP4 demux module denial of service vulnerability

VideoLAN VLC media player is a free and open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. The product supports playback of multiple media files, CD-ROMs, etc., multiple audio and video formats WMV, MP3, etc., etc. The MP4 demux...

8.8CVSS6.8AI score0.02155EPSS
Exploits2References1
Prion
Prion
added 2017/12/15 9:29 a.m.12 views

Type confusion

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

6.8CVSS8.5AI score0.02155EPSS
Exploits2References4Affected Software2
OSV
OSV
added 2017/12/15 9:29 a.m.3 views

UBUNTU-CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

8.8CVSS7.2AI score0.02155EPSS
Exploits2References5
OSV
OSV
added 2017/12/15 9:29 a.m.1 views

DEBIAN-CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

8.8CVSS6.8AI score0.02155EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2017/12/15 9:29 a.m.22 views

CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...

8.8CVSS7.1AI score0.02155EPSS
Exploits2References4
CVE
CVE
added 2017/12/15 9:0 a.m.109 views

CVE-2017-17670

CVE-2017-17670 affects VideoLAN VLC media player up to version 2.2.8, where the MP4 demuxer (modules/demux/mp4/libmp4.c) contains a type-conversion bug that may change a box’s type between a read and a free operation, causing an invalid free. Multiple connected sources confirm VLC 2.x are vulnera...

8.8CVSS8.3AI score0.02155EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder