Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vlc_media_player
(Videolan)Repositories | https://git.videolan.org/git/vlc.git |
#Vulnerabilities | 113 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-08-29 | CVE-2019-14778 | The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14777 | The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14776 | A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14535 | A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14534 | In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. | Debian_linux, Vlc_media_player | 5.5 | ||
2019-08-29 | CVE-2019-14533 | The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14498 | A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14438 | A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file. | Debian_linux, Vlc_media_player | 7.8 | ||
2019-08-29 | CVE-2019-14437 | The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file. | Debian_linux, Vlc_media_player | 7.8 | ||
2020-02-06 | CVE-2013-3564 | The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating. | Vlc_media_player | N/A |