XineCVEs & Vulnerabilities
50 CVEs affecting Xine products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
50 CVEs→ All vendors
Most Affected Products
xine-lib 663xine 221gxine 6xine-ui 4real media input plugin 1xine-plugin 1
CVE-2004-0433CRITICAL
Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.
18 Aug 2004
10.0
CVSS
CVE-2004-0372LOW
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
15 Apr 2004
2.1
CVSS