CVSS: 9.8EPSS: 7%CPEs: 1EXPL: 1CVE-2014-6440
https://notcve.org/view.php?id=CVE-2014-6440
28 Mar 2017 — VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service. VideoLAN VLC media player en versiones anteriores a 2.1.5 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio. • http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 105EXPL: 0CVE-2013-7340
https://notcve.org/view.php?id=CVE-2013-7340
20 Mar 2014 — VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. VideoLAN VLC Media Player anterior a 2.0.7 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un archivo de lista de reproducción manipulado. • http://www.videolan.org/developers/vlc-branch/NEWS • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 3%CPEs: 99EXPL: 0CVE-2012-3377 – Gentoo Linux Security Advisory 201411-01
https://notcve.org/view.php?id=CVE-2012-3377
12 Jul 2012 — Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file. Un desbordamiento de búfer basado en memoria dinámica en la función Ogg_DecodePacket en el demuxer OGG (modules/demux/ogg.c) en VideoLAN VLC media player antes de v2.0.2 permite a atacantes remotos causar una denegación de servicio (por... • http://git.videolan.org/?p=vlc/vlc-2.0.git%3Ba=commitdiff%3Bh=16e9e126333fb7acb47d363366fee3deadc8331e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 62%CPEs: 107EXPL: 2CVE-2012-1775 – VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2012-1775
19 Mar 2012 — Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. Un desbordamiento de búfer Basado en pila en VideoLAN VLC media player antes de v2.0.1 permite a atacantes remotos ejecutar código de su elección a través de un stream MMS:// modificado a mano. Multiple vulnerabilities have been found in VLC, the worst of which could lead to user-assisted execution of arbitrary code. Versions less than 2.1.2 are affected. • https://www.exploit-db.com/exploits/18825 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 107EXPL: 0CVE-2012-1776 – Gentoo Linux Security Advisory 201411-01
https://notcve.org/view.php?id=CVE-2012-1776
19 Mar 2012 — Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream. Múltiples desbordamientos de buffer de memoria dinámica en el reproductor multimedia VideoLAN VLC anteriores a 2.0.1. Permiten a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código arbitrario a través de un stream Real RTSP modificado. ... • http://osvdb.org/80189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2008-2147
https://notcve.org/view.php?id=CVE-2008-2147
12 May 2008 — Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory. Vulnerabilidad de búsqueda en ruta no confiable en VideoLAN VLC anterior a 0.9.0 permite a usuarios locales ejecutar código de su elección a través de una librería bajo los subdirectorios modules/ o plugins/ del directorio actual. • http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 2%CPEs: 60EXPL: 0CVE-2008-1768
https://notcve.org/view.php?id=CVE-2008-1768
24 Apr 2008 — Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow. Múltiples desbordamientos de enteros en VLC anterior a 0.8.6f, permite a atacantes remotos provocar una denegación de servicio (caída) a través del demultiplexador (1) MP4, (2) Real y (3) el codec Cinepak, que inicia el desbordamiento de búfer. • http://secunia.com/advisories/29503 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 11%CPEs: 60EXPL: 1CVE-2008-1769 – Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-1769
24 Apr 2008 — VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption. VLC versions anteriores a la 0.8.6f, permite a atacantes remotos provocar una denegación de servicio (caída) a través de un Cinepak manipulado que dispara un acceso a array fuera de límite y una corrupción de memoria. • https://www.exploit-db.com/exploits/5498 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 44%CPEs: 1EXPL: 2CVE-2007-6681 – Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-6681
17 Jan 2008 — Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file. Desbordamiento de búfer basado en pila en modules/demux/subtitle.c de VideoLAN VLC 0.8.6d permite a atacantes remotos ejecutar código de su elección mediante un subtítulo largo en un fichero (1) MicroDvd, (2) SSA, y (3) Vplayer. • https://www.exploit-db.com/exploits/5498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 21%CPEs: 1EXPL: 2CVE-2007-6682 – VideoLAN VLC Media Player 0.8.6d - 'httpd_FileCallBack' Remote Format String
https://notcve.org/view.php?id=CVE-2007-6682
17 Jan 2008 — Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter. Vulnerabilidad de cadena de formato en la función httpd_FileCallBack (network/httpd.c) de VideoLAN VLC 0.8.6d permite a atacantes remotos ejecutar código de su elección mediante especificadores de cadenas de formato en el parámetro Connection. • https://www.exploit-db.com/exploits/5519 •