Every CVE whose affected-product data names Videolan Vlc, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2014-6440 — CVSS 9.8 (critical): VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.
CVE-2007-6682 — CVSS 7.5 (high): Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute…
CVE-2007-6681 — CVSS 7.5 (high): Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long…
CVE-2008-1769 — CVSS 6.8 (medium): VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds…
CVE-2008-1489 — CVSS 6.8 (medium): Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash)…
CVE-2008-1768 — CVSS 6.8 (medium): Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2)…
CVE-2008-1881 — CVSS 6.8 (medium): Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary…
CVE-2007-6683 — CVSS 5.0 (medium): The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a…
CVE-2007-6684 — CVSS 5.0 (medium): The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport…
CVE-2008-2147 — CVSS 4.6 (medium): Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under…