Search CVE reports
21 – 30 of 150 results
CVE-2013-3565
Medium prioritySome fixes available 3 of 4
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2014-9630
Medium prioritySome fixes available 2 of 4
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | Not affected |
CVE-2014-9629
Medium prioritySome fixes available 2 of 4
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | Not affected |
CVE-2014-9628
Medium prioritySome fixes available 2 of 4
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | Not affected |
CVE-2014-9627
Medium prioritySome fixes available 2 of 4
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | Not affected |
CVE-2014-9626
Medium prioritySome fixes available 2 of 4
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | Not affected |
CVE-2014-9625
Medium priorityThe GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2019-15678
Medium prioritySome fixes available 1 of 126
TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.
11 affected packages
bochs, directvnc, libvncserver, ssvnc, tightvnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
directvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libvncserver | Not affected | Not affected | Not affected | Not affected | Not affected |
ssvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tightvnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
veyon | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
vino | Not affected | Not affected | Not affected | Not affected | Not affected |
vlc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
vncsnapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
x11vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
x2vnc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-18278
Medium priorityWhen executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team...
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | Not affected | Not affected |
CVE-2019-14970
Medium prioritySome fixes available 2 of 3
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
1 affected package
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |