Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Videolan Subscribe
Total 126 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0295 1 Videolan 1 Vlc Media Player 2023-12-10 8.5 HIGH N/A
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
CVE-2007-3467 1 Videolan 1 Vlc Media Player 2023-12-10 7.8 HIGH N/A
Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.
CVE-2007-6681 1 Videolan 1 Vlc 2023-12-10 7.5 HIGH N/A
Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
CVE-2007-3316 1 Videolan 1 Vlc Media Player 2023-12-10 9.3 HIGH N/A
Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.
CVE-2008-0984 2 Miro, Videolan 2 Miro Player, Vlc Media Player 2023-12-10 9.3 HIGH N/A
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
CVE-2008-0296 2 Microsoft, Videolan 2 Windows, Vlc Media Player 2023-12-10 10.0 HIGH N/A
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.