#Vulnerabilities 110
Date Id Summary Products Score Patch Annotated
2018-05-28 CVE-2018-11516 The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file. Vlc_media_player 8.8
2019-07-30 CVE-2019-5460 Double Free in VLC versions <= 3.0.6 leads to a crash. Backports, Leap, Vlc_media_player 5.5
2020-06-08 CVE-2020-13428 A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file. Debian_linux, Vlc_media_player 7.8
2021-01-08 CVE-2020-26664 A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. Debian_linux, Vlc_media_player 7.8
2022-12-06 CVE-2022-41325 An integer overflow in the VNC module in VideoLAN VLC Media Player through allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. Debian_linux, Vlc_media_player 7.8