VideolanCVEs & Vulnerabilities

127 CVEs affecting Videolan products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

vlc media player 1.649vlc 151dav1d 2libbluray 1vlc for mobile 1
CVE-2024-1580HIGH

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.

19 Feb 2024
8.8
CVSS
CVE-2023-46814HIGH

A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.

22 Nov 2023
7.8
CVSS
CVE-2023-47360HIGH

Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.

7 Nov 2023
7.5
CVSS
CVE-2023-47359CRITICAL

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

7 Nov 2023
9.8
CVSS
CVE-2023-32570MEDIUM

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.

10 May 2023
5.9
CVSS
CVE-2022-41325HIGH

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.

6 Dec 2022
7.8
CVSS
CVE-2021-25804HIGH

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.

26 Jul 2021
7.5
CVSS
CVE-2021-25803HIGH

A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

26 Jul 2021
7.1
CVSS
CVE-2021-25802HIGH

A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

26 Jul 2021
7.1
CVSS
CVE-2021-25801HIGH

A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

26 Jul 2021
7.1
CVSS
CVE-2020-26664HIGH

A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.

8 Jan 2021
7.8
CVSS
CVE-2020-13428HIGH

A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.

8 Jun 2020
7.8
CVSS
CVE-2019-19721HIGH

An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product.

15 May 2020
7.8
CVSS
CVE-2013-3564MEDIUM

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.

7 Feb 2020
5.3
CVSS
CVE-2013-3565MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua.

1 Feb 2020
6.1
CVSS
CVE-2014-9630HIGH

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.

25 Jan 2020
7.8
CVSS
CVE-2014-9629HIGH

Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value.

25 Jan 2020
7.8
CVSS
CVE-2014-9628HIGH

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7.

25 Jan 2020
7.8
CVSS
CVE-2014-9627HIGH

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.

25 Jan 2020
7.8
CVSS
CVE-2014-9626HIGH

Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.

25 Jan 2020
7.8
CVSS
CVE-2014-9625HIGH

The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability.

25 Jan 2020
7.8
CVSS
CVE-2015-7810MEDIUM

libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files

22 Nov 2019
4.7
CVSS
CVE-2019-18278HIGH

When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this issue.

23 Oct 2019
7.8
CVSS
CVE-2019-14970HIGH

A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.

29 Aug 2019
7.8
CVSS
CVE-2019-14778HIGH

The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

29 Aug 2019
7.8
CVSS
CVE-2019-14777HIGH

The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

29 Aug 2019
7.8
CVSS
CVE-2019-14776HIGH

A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.

29 Aug 2019
7.8
CVSS
CVE-2019-14534MEDIUM

In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.

29 Aug 2019
5.5
CVSS
CVE-2019-14533HIGH

The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

29 Aug 2019
7.8
CVSS
CVE-2019-14535HIGH

A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.

29 Aug 2019
7.8
CVSS
CVE-2019-14498HIGH

A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.

29 Aug 2019
7.8
CVSS
CVE-2019-14438HIGH

A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.

29 Aug 2019
7.8
CVSS
CVE-2019-14437HIGH

The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.

29 Aug 2019
7.8
CVSS
CVE-2019-5460MEDIUM

Double Free in VLC versions <= 3.0.6 leads to a crash.

31 Jul 2019
5.5
CVSS
CVE-2019-5459HIGH

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

31 Jul 2019
7.1
CVSS
CVE-2019-13962CRITICAL

lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.

18 Jul 2019
9.8
CVSS
CVE-2019-13615MEDIUM

libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.

16 Jul 2019
5.5
CVSS
CVE-2019-13602HIGH

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.

15 Jul 2019
7.8
CVSS
CVE-2019-12874CRITICAL

An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.

18 Jun 2019
9.8
CVSS
CVE-2019-5439MEDIUM

A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.

13 Jun 2019
6.5
CVSS
CVE-2018-19937MEDIUM

A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone.

31 Dec 2018
6.6
CVSS
CVE-2018-19857CRITICAL

The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.

5 Dec 2018
9.1
CVSS
CVE-2018-11529HIGHpoc

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.

11 Jul 2018
8.0
CVSS
CVE-2018-11516HIGH

The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.

28 May 2018
8.8
CVSS
CVE-2017-17670HIGH

In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.

15 Dec 2017
8.8
CVSS
CVE-2017-10699CRITICAL

avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution.

30 Jun 2017
9.8
CVSS
CVE-2017-9301HIGH

plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.

29 May 2017
7.8
CVSS
CVE-2017-9300HIGH

plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.

29 May 2017
7.8
CVSS
← PrevPage 1 / 3Next →