Vlc Media Player@* Security Vulnerabilities and Issues — Vlc Media Player@* CVE List

Lucene search

VideolanVlc Media Player*

6 matches found

CVE•added 2017/12/15 9:29 a.m.•89 views

CVE-2017-17670

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.

8.8CVSS8.3AI score0.01254EPSS

CVE•added 2017/05/23 9:29 p.m.•85 views

CVE-2017-8311

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

7.8CVSS8AI score0.09953EPSS

CVE•added 2017/05/29 7:29 p.m.•69 views

CVE-2017-9300

plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.

7.8CVSS8.1AI score0.00438EPSS

CVE•added 2017/05/23 9:29 p.m.•64 views

CVE-2017-8312

Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.

5.5CVSS5.8AI score0.00338EPSS

CVE•added 2017/05/23 9:29 p.m.•61 views

CVE-2017-8313

Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.

5.5CVSS5.9AI score0.00323EPSS

CVE•added 2017/05/29 7:29 p.m.•54 views

CVE-2017-9301

plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.

7.8CVSS7.9AI score0.00421EPSS