pkg:Debian/vlc

All known vulnerabilities

• CRITICAL9.8CVE-2023-47359vlc - security update
  from 0, < 3.0.20-0+deb11u1
• CRITICAL9.8CVE-2023-47359vlc - security update
  from 0, < 3.0.20-0+deb10u1
• CRITICAL9.8CVE-2023-47359vlc - security update
  from 0, < 3.0.20-0+deb11u1
• CRITICAL9.8An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• CRITICAL9.8lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it d…
  from 0, < 3.0.8-1
• CRITICAL9.8vlc - security update
  from 0, < 3.0.7-1
• CRITICAL9.8vlc - security update
  from 0, < 3.0.7-0+deb9u1
• CRITICAL9.8vlc - security update
  from 0, < 2.2.6-3
• CRITICAL9.8vlc - security update
  from 0, < 2.2.7-1~deb8u1
• CRITICAL9.8VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.
  from 0, < 2.1.5-1
• CRITICAL9.8vlc - security update
  from 0, < 2.2.4-1~deb8u1
• CRITICAL9.8vlc - security update
  from 0, < 2.2.3-2
• CRITICAL9.1vlc - security update
  from 0, < 3.0.6-0+deb9u1
• CRITICAL9.1vlc - security update
  from 0, < 3.0.4-4
• HIGH8.8The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial…
  from 0, < 3.0.2-1
• HIGH8.8vlc - security update
  from 0, < 3.0.2-0+deb9u1
• HIGH8.8vlc - security update
  from 0, < 3.0.0~rc2-1
• HIGH8.0vlc - security update
  from 0, < 3.0.21-0+deb11u1
• HIGH8.0vlc - security update
  from 0, < 3.0.21-0+deb11u1
• HIGH8.0vlc - security update
  from 0, < 3.0.3-1-1
• HIGH8.0vlc - security update
  from 0, < 3.0.3-1-0+deb9u1
• HIGH7.8vlc - security update
  from 0, < 3.0.18-0+deb11u1
• HIGH7.8vlc - security update
  from 0, < 3.0.18-0+deb11u1
• HIGH7.8vlc - security update
  from 0, < 3.0.17.4-0+deb10u2
• HIGH7.8vlc - security update
  from 0, < 3.0.12-0+deb9u1
• HIGH7.8vlc - security update
  from 0, < 3.0.12-0+deb10u1
• HIGH7.8vlc - security update
  from 0, < 3.0.12-1
• HIGH7.8vlc - security update
  from 0, < 3.0.11-0+deb9u1
• HIGH7.8vlc - security update
  from 0, < 3.0.11-1
• HIGH7.8vlc - security update
  from 0, < 3.0.9.2-1
• HIGH7.8vlc - security update
  from 0, < 3.0.10-0+deb9u1
• HIGH7.8The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation app…
  from 0, < 2.2.0~rc2-2
• HIGH7.8Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 al…
  from 0, < 2.2.0~rc2-2
• HIGH7.8The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger…
  from 0, < 2.2.0~rc2-2
• HIGH7.8The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operatio…
  from 0, < 2.2.0~rc2-2
• HIGH7.8vlc - security update
  from 0, < 2.2.0~rc2-2
• HIGH7.8vlc - security update
  from 0, < 2.0.3-5+deb7u2
• HIGH7.8A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow…
  from 0, < 3.0.8-1
• HIGH7.8The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
  from 0, < 3.0.8-1
• HIGH7.8The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
  from 0, < 3.0.8-1
• HIGH7.8A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
  from 0, < 3.0.8-1
• HIGH7.8The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
  from 0, < 3.0.8-1
• HIGH7.8A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1.
  from 0, < 3.0.8-1
• HIGH7.8A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1.
  from 0, < 3.0.8-1
• HIGH7.8A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to…
  from 0, < 3.0.8-1
• HIGH7.8The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly.
  from 0, < 3.0.8-1
• HIGH7.8vlc - security update
  from 0, < 3.0.8-0+deb9u1
• HIGH7.8vlc - security update
  from 0, < 3.0.7.1-2
• HIGH7.8plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (i…
  from 0, < 2.2.5.1-1
• HIGH7.8plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption a…
  from 0, < 2.2.6-3
• HIGH7.8Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows att…
  from 0, < 2.2.5-1
• HIGH7.5Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
  from 0, < 3.0.20-0+deb11u1
• HIGH7.5A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.
  from 0, < 3.0.12-1
• HIGH7.5An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• HIGH7.5An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• HIGH7.5An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• HIGH7.5An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• HIGH7.5An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• HIGH7.5An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0.
  from 0, < 3.0.8-4
• HIGH7.1A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an…
  from 0, < 3.0.12-1
• HIGH7.1A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-o…
  from 0, < 3.0.12-1
• HIGH7.1vlc - security update
  from 0, < 3.0.12-1
• HIGH7.1vlc - security update
  from 0, < 3.0.11-0+deb9u2
• HIGH7.1An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
  from 0, < 3.0.7-1
• MEDIUM6.5A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
  from 0, < 3.0.7-1
• MEDIUM6.3plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial…
  from 0, < 2.0.7-1
• MEDIUM6.1Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers…
  from 0, < 2.0.7-1
• MEDIUM5.5In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to…
  from 0, < 3.0.8-1
• MEDIUM5.5Double Free in VLC versions <= 3.0.6 leads to a crash.
  from 0, < 3.0.7-1
• MEDIUM5.5Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data be…
  from 0, < 2.2.5-1
• MEDIUM5.5Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data v…
  from 0, < 2.2.6-1~deb9u1
• MEDIUM5.5vlc - security update
  from 0, < 2.2.6-1~deb8u1
• MEDIUM5.5vlc - security update
  from 0, < 2.2.5.1-1~deb9u1
• MEDIUM5.5Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to ca…
  from 0, < 2.2.0-1
• MEDIUM5.3The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings…
  from 0, < 2.0.7-1
• MEDIUM4.8vlc - security update
  from 0, < 3.0.22-0+deb12u1
• MEDIUM4.8vlc - security update
  from 0, < 3.0.23-0+deb11u1
• MEDIUM4.8vlc - security update
  from 0, < 3.0.23-0+deb11u1
• —vlc - security update
  from 0, < 2.2.0~rc2-2+deb8u1
• —vlc - security update
  from 0, < 2.2.1-3
• —Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Play…
  from 0, < 2.2.0~rc2-1
• —Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a…
  from 0, < 1.1.3-1
• —mplayer - arbitrary code execution
  from 0, < 1.0.1-1
• —mplayer - arbitrary code execution
  from 0, < 0.8.6.h-4+lenny2.3
• —Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application cras…
  from 0, < 1.0.6-1
• —The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory…
  from 0, < 1.0.6-1
• —The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows…
  from 0, < 1.0.6-1
• —VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) o…
  from 0, < 1.0.6-1
• —Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (applica…
  from 0, < 1.0.6-1
• —VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist fil…
  from 0, < 2.2.0~rc2-1
• —The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allo…
  from 0, < 2.1.4-1
• —liblivemedia - security update
  from 0, < 2.0.3-5+deb7u2
• —liblivemedia - security update
  from 0, < 2.1.4-1
• —VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary cod…
  from 0, < 2.1.0-2
• —Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers…
  from 0, < 2.1.0-1
• —The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of servi…
  from 0, < 2.0.6-1
• —vlc - security update
  from 0, < 2.0.5-1
• —vlc - security update
  from 0, < 2.0.3-5+deb7u1
• —Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows r…
  from 0, < 1.1.13-1
• —libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG…
  from 0, < 2.0.4-1