Every CVE whose affected-product data names Xine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2008-5237 — CVSS 10.0 (critical): Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service…
CVE-2004-1187 — CVSS 10.0 (critical): Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows…
CVE-2004-1188 — CVSS 10.0 (critical): The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify…
CVE-2007-0255 — CVSS 9.3 (critical): XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via…
CVE-2008-5236 — CVSS 9.3 (critical): Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to execute arbitrary…
CVE-2008-5235 — CVSS 9.3 (critical): Heap-based buffer overflow in the demux_real_send_chunk function in src/demuxers/demux_real.c in xine-lib before 1.1.15 allows remote…
CVE-2004-1379 — CVSS 7.5 (high): Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary…
CVE-2006-1905 — CVSS 7.5 (high): Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format…
CVE-2008-5238 — CVSS 7.1 (high): Integer overflow in the real_parse_mdpr function in demux_real.c in xine-lib 1.1.12, and other versions before 1.1.15, allows remote…
CVE-2004-1476 — CVSS 5.1 (medium): Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute…
CVE-2004-1475 — CVSS 5.1 (medium): Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd://…
CVE-2006-2230 — CVSS 5.0 (medium): Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format…
CVE-2004-1951 — CVSS 5.0 (medium): xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via…
CVE-2004-0372 — CVSS 2.1 (low): xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport…