Vulnerabilities > Realnetworks > Realplayer > 20.0.8.310
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-05 | CVE-2022-32291 | Unspecified vulnerability in Realnetworks Realplayer In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file. | 8.8 |
| 2022-06-03 | CVE-2022-32269 | Cross-site Scripting vulnerability in Realnetworks Realplayer 20.0.8.310 In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). | 9.8 |
| 2022-06-03 | CVE-2022-32270 | Path Traversal vulnerability in Realnetworks Realplayer 20.0.7.309/20.0.8.310 In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. | 9.8 |
| 2022-06-03 | CVE-2022-32271 | Cross-site Scripting vulnerability in Realnetworks Realplayer 20.0.8.310 In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. | 9.6 |