Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vlc_media_player
(Videolan)Repositories | https://git.videolan.org/git/vlc.git |
#Vulnerabilities | 113 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2016-06-08 | CVE-2016-5108 | Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file. | Debian_linux, Vlc_media_player | 9.8 | ||
2016-04-18 | CVE-2016-3941 | Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." | Ubuntu_linux, Vlc_media_player | 5.5 | ||
2014-05-14 | CVE-2014-3441 | codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file. | Vlc_media_player | N/A | ||
2014-03-21 | CVE-2013-7340 | VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. | Vlc_media_player | N/A | ||
2013-10-25 | CVE-2013-6283 | VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file. | Vlc_media_player | N/A | ||
2013-07-10 | CVE-2013-1868 | Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. | Vlc_media_player | N/A | ||
2013-07-10 | CVE-2012-5855 | The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction. | Vlc_media_player | N/A | ||
2012-10-26 | CVE-2012-5470 | libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. | Vlc_media_player | N/A | ||
2012-04-19 | CVE-2012-2396 | VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file. | Vlc_media_player | N/A | ||
2012-03-19 | CVE-2012-1776 | Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream. | Vlc_media_player | N/A |