VideoLAN VLC Media Player 3.0.18 Release Candidate 2

CPE Details

VideoLAN VLC Media Player 3.0.18 Release Candidate 2
videolan
vlc_media_player
3.0.18
2022-12-08
13h15 +00:00
2022-12-08
17h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:videolan:vlc_media_player:3.0.18:rc2:*:*:*:*:*:*

Informations

Vendor

videolan

Product

vlc_media_player

Version

3.0.18

Update

rc2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-46814 2023-11-21 23h00 +00:00 A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
7.8
High
CVE-2023-47359 2023-11-06 23h00 +00:00 Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
9.8
Critical
CVE-2023-47360 2023-11-06 23h00 +00:00 Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.