Realnetworks Realone Player — known CVE vulnerabilities
Every CVE whose affected-product data names Realnetworks Realone Player, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2003-1509 — CVSS 10.0 (critical): Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853…
CVE-2004-1094 — CVSS 10.0 (critical): Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a…
CVE-2005-2922 — CVSS 9.3 (critical): Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player…
CVE-2007-5080 — CVSS 9.3 (critical): Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to…
CVE-2007-4599 — CVSS 9.3 (critical): Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote…
CVE-2007-3410 — CVSS 9.3 (critical): Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and…
CVE-2007-2264 — CVSS 9.3 (critical): Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise…
CVE-2007-2263 — CVSS 9.3 (critical): Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows…
CVE-2006-1370 — CVSS 9.3 (critical): Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1…
CVE-2006-0323 — CVSS 9.3 (critical): Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and…
CVE-2007-5081 — CVSS 9.3 (critical): Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise…
CVE-2004-0273 — CVSS 9.3 (critical): Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload…
CVE-2004-0258 — CVSS 7.6 (high): Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote…
CVE-2002-0207 — CVSS 7.5 (high): Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value…
CVE-2002-1014 — CVSS 7.5 (high): Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary…
CVE-2002-1321 — CVSS 7.5 (high): Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via (1) a Synchronized Multimedia…
CVE-2005-0189 — CVSS 7.5 (high): Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute…
CVE-2002-1015 — CVSS 7.5 (high): RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local…
CVE-2005-2936 — CVSS 7.2 (high): Unquoted Windows search path vulnerability in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player…
CVE-2018-13121 — CVSS 5.5 (medium): RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash)…
CVE-2005-2054 — CVSS 5.1 (medium): Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite…
CVE-2004-0387 — CVSS 5.1 (medium): Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player…
CVE-2003-0726 — CVSS 5.1 (medium): RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that…
CVE-2003-0141 — CVSS 5.1 (medium): The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows…
CVE-2005-2629 — CVSS 5.1 (medium): Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to…
CVE-2005-2630 — CVSS 5.1 (medium): Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute…
CVE-2005-2052 — CVSS 5.1 (medium): Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and…
CVE-2005-0755 — CVSS 5.1 (medium): Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers…
CVE-2005-0611 — CVSS 5.1 (medium): Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote…
CVE-2005-0191 — CVSS 5.1 (medium): Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier…
CVE-2004-1798 — CVSS 5.1 (medium): RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia…
CVE-2004-1481 — CVSS 5.1 (medium): Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Windows or Mac OS…
CVE-2005-2055 — CVSS 5.0 (medium): RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an…
CVE-2005-0190 — CVSS 2.6 (low): Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real…
CVE-2005-0192 — CVSS 2.6 (low): Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to…