CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

plugins/demux/libmkvplugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer...

6.8CVSS8.2AI score0.01865EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 10:32 a.m.•6 views

CVE-2019-14057

Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...

9.4CVSS7.3AI score0.00286EPSS

Exploits0References1

Vulnrichment•added 2024/11/14 12:0 a.m.•12 views

CVE-2024-41217

A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to cause Denial of Service DoS via a crafted MKV video file...

7.2AI score0.00396EPSS

Exploits1References1

SUSE CVE•added 2023/02/15 5:5 a.m.•2 views

SUSE CVE-2016-2464

libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted mkv file, aka internal bug 23167726...

7.8CVSS7.8AI score0.00254EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 4:11 a.m.•1 views

SUSE CVE-2019-12874

An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free...

9.8CVSS7.1AI score0.00897EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 3:53 a.m.•0 views

SUSE CVE-2020-26664

A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

7.8CVSS8.5AI score0.00296EPSS

Exploits1References9

RedhatCVE•added 2023/01/10 12:5 p.m.•30 views

CVE-2022-36313

A flaw was found in the file-type npm package. A malformed MKV file could lead the file type detector to a denial of Service. This issue allows an attacker to input a malicious file and make the server unresponsive...

5.5CVSS3.7AI score0.00171EPSS

Exploits0References3

Veracode•added 2022/07/22 5:15 a.m.•33 views

Denial Of Service (DoS)

file-type is vulnerable to denial of service. The vulnerability exists in the FileTypeParser function in core.js due to a lack of input sanitization in the file type detector which allows an attacker to cause an application crash by sending mkv file...

5.5CVSS5.6AI score0.00171EPSS

Exploits0References7Affected Software1

Github Security Blog•added 2022/07/22 12:0 a.m.•57 views

file-type vulnerable to Infinite Loop via malformed MKV file

An issue was discovered in the file-type package from 13.0.0 until 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack when...

5.5CVSS5.8AI score0.00171EPSS

Exploits0References11Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by