VideoLAN VLC Media Player 3.0.5

CPE Details

VideoLAN VLC Media Player 3.0.5
videolan
vlc_media_player
3.0.5
2019-07-17
14h14 +00:00
2019-07-17
14h14 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:videolan:vlc_media_player:3.0.5:*:*:*:*:*:*:*

Informations

Vendor

videolan

Product

vlc_media_player

Version

3.0.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-46814 2023-11-21 23h00 +00:00 A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
7.8
High
CVE-2023-47359 2023-11-06 23h00 +00:00 Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
9.8
Critical
CVE-2023-47360 2023-11-06 23h00 +00:00 Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
7.5
High
CVE-2022-41325 2022-12-05 23h00 +00:00 An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
7.8
High
CVE-2020-26664 2021-01-08 16h40 +00:00 A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
7.8
High
CVE-2019-19721 2020-05-15 15h28 +00:00 An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product.
7.8
High
CVE-2019-5460 2019-07-30 18h38 +00:00 Double Free in VLC versions <= 3.0.6 leads to a crash.
5.5
Medium
CVE-2019-5459 2019-07-30 18h24 +00:00 An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
7.1
High
CVE-2019-13962 2019-07-18 17h58 +00:00 lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
9.8
Critical
CVE-2019-13602 2019-07-14 19h00 +00:00 An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
7.8
High
CVE-2019-12874 2019-06-18 15h53 +00:00 An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
9.8
Critical
CVE-2019-5439 2019-06-13 13h38 +00:00 A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
6.5
Medium