Search CVE reports


Toggle filters

21 – 30 of 150 results


CVE-2013-3565

Medium priority

Some fixes available 3 of 4

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc
Show less packages

CVE-2014-9630

Medium priority

Some fixes available 2 of 4

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected
Show less packages

CVE-2014-9629

Medium priority

Some fixes available 2 of 4

Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected
Show less packages

CVE-2014-9628

Medium priority

Some fixes available 2 of 4

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected
Show less packages

CVE-2014-9627

Medium priority

Some fixes available 2 of 4

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected
Show less packages

CVE-2014-9626

Medium priority

Some fixes available 2 of 4

Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected
Show less packages

CVE-2014-9625

Medium priority
Not affected

The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc
Show less packages

CVE-2019-15678

Medium priority

Some fixes available 1 of 126

TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity.

11 affected packages

bochs, directvnc, libvncserver, ssvnc, tightvnc...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bochs Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
directvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libvncserver Not affected Not affected Not affected Not affected Not affected
ssvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tightvnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
veyon Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
vino Not affected Not affected Not affected Not affected Not affected
vlc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vncsnapshot Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x11vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
x2vnc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 11 packages Show less packages

CVE-2019-18278

Medium priority
Not affected

When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team...

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected Not affected
Show less packages

CVE-2019-14970

Medium priority

Some fixes available 2 of 3

A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.

1 affected package

vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vlc Not affected Not affected Not affected Fixed Vulnerable
Show less packages