Product:

Vlc_media_player

(Videolan)
Repositories https://git.videolan.org/git/vlc.git
#Vulnerabilities 113
Date Id Summary Products Score Patch Annotated
2017-05-29 CVE-2017-9301 plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file. Vlc_media_player 7.8
2017-05-29 CVE-2017-9300 plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file. Vlc_media_player 7.8
2017-06-30 CVE-2017-10699 avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution. Vlc_media_player 9.8
2016-06-08 CVE-2016-5108 Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file. Debian_linux, Vlc_media_player 9.8
2016-04-18 CVE-2016-3941 Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." Ubuntu_linux, Vlc_media_player 5.5
2014-05-14 CVE-2014-3441 codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file. Vlc_media_player N/A
2014-03-21 CVE-2013-7340 VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. Vlc_media_player N/A
2013-10-25 CVE-2013-6283 VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file. Vlc_media_player N/A
2013-07-10 CVE-2013-1868 Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. Vlc_media_player N/A
2013-07-10 CVE-2012-5855 The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction. Vlc_media_player N/A