4 matches found
CVE-2026-49130
Music Player Daemon MPD before version 0.24.11 contains a CRLF injection vulnerability in the xspfchardata function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...
VideoLAN VLC media player denial of service vulnerability (CNVD-2015-00046)
VideoLAN VLC media player is the multimedia player of VideoLAN program. A denial of service vulnerability exists in versions of VideoLAN VLC media player prior to 1.0.6, which allows remote attackers to launch a denial of service attack via an empty location of an element in an XML shareable...
CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
WinAmp v.3.0: buffer overflow
Damage Hacking Group security advisory www.dhgroup.org Product: WinAmp v.3.0 final not beta : bld 488 Authors: NullSoft, Inc. www.winamp.com Vulnerable versions: up to v.3.0 Not vulnerable: all that doesn't support b4s-lists Vulnerability: buffer overflow & code execution...