A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
6.5CVSS
8.1AI Score
0.075EPSS
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
7.1CVSS
7.8AI Score
0.001EPSS
5.5CVSS
7AI Score
0.001EPSS
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for ex...
7.8CVSS
7.8AI Score
0.006EPSS
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
7.8CVSS
7.5AI Score
0.002EPSS
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
7.1CVSS
6.8AI Score
0.001EPSS
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
7.1CVSS
6.8AI Score
0.001EPSS
A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
7.1CVSS
6.8AI Score
0.001EPSS
A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.
7.5CVSS
7.1AI Score
0.001EPSS
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
7.8CVSS
7.7AI Score
0.003EPSS
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
7.8CVSS
8AI Score
0.0004EPSS
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
9.8CVSS
9.1AI Score
0.001EPSS
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
7.5CVSS
8.3AI Score
0.0005EPSS