Vulnerabilities > Videolan > VLC Media Player > 3.0.1

DATE CVE VULNERABILITY TITLE RISK
2019-07-14 CVE-2019-13602 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
local
low complexity
videolan debian canonical opensuse CWE-191
7.8
7.8
2019-06-18 CVE-2019-12874 Double Free vulnerability in Videolan VLC Media Player
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7.
network
low complexity
videolan CWE-415
critical
 9.8
9.8
2019-06-13 CVE-2019-5439 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Videolan VLC Media Player
A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.
network
low complexity
videolan CWE-119
6.5
6.5
2018-05-28 CVE-2018-11516 Use After Free vulnerability in Videolan VLC Media Player 3.0.0/3.0.1
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.
network
low complexity
videolan CWE-416
8.8
8.8