Search CVE reports
31 – 40 of 149 results
CVE-2019-14777
Medium prioritySome fixes available 2 of 3
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14776
Medium prioritySome fixes available 2 of 3
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14535
Medium prioritySome fixes available 2 of 3
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14534
Medium prioritySome fixes available 2 of 3
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14533
Medium prioritySome fixes available 2 of 3
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14498
Medium prioritySome fixes available 2 of 3
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14438
Medium prioritySome fixes available 2 of 3
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-14437
Medium prioritySome fixes available 2 of 3
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-5460
Medium priorityDouble Free in VLC versions <= 3.0.6 leads to a crash.
1 affected packages
vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| vlc | — | — | — | Not affected | Not affected |
CVE-2019-5459
Medium priorityAn Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.
2 affected packages
faad2, vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| faad2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vlc | Not affected | Not affected | Not affected | Not affected | Not affected |