Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:ebuild/media-video/vlc@2.1.2

Type ebuild

Namespace media-video

Name vlc

Version 2.1.2

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.8.6-r1

Latest_non_vulnerable_version 3.0.20

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1y7q-q949-kbcc

vulnerability_id VCID-1y7q-q949-kbcc

summary libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3276

reference_id

reference_type

scores

value	0.08557
scoring_system	epss
scoring_elements	0.92525
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3276

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3276
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3276

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-3276

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1y7q-q949-kbcc

url VCID-22fc-m3gp-u7g8

vulnerability_id VCID-22fc-m3gp-u7g8

summary demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0531

reference_id

reference_type

scores

value	0.7325
scoring_system	epss
scoring_elements	0.98817
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0531

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16637.rb
reference_id	CVE-2011-0531;OSVDB-70698
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16637.rb

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-0531

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22fc-m3gp-u7g8

url VCID-2wm4-zq6n-u7cw

vulnerability_id VCID-2wm4-zq6n-u7cw

summary Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2587

reference_id

reference_type

scores

value	0.03007
scoring_system	epss
scoring_elements	0.86813
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633674
reference_id	633674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633674

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-2587

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wm4-zq6n-u7cw

url VCID-3fuz-525g-7qhn

vulnerability_id VCID-3fuz-525g-7qhn

summary libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3275

reference_id

reference_type

scores

value	0.86225
scoring_system	epss
scoring_elements	0.99415
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3275

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb
reference_id	CVE-2010-3275;OSVDB-71277
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-3275

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fuz-525g-7qhn

url VCID-3k7q-7ux2-v3gc

vulnerability_id VCID-3k7q-7ux2-v3gc

summary Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1775

reference_id

reference_type

scores

value	0.72888
scoring_system	epss
scoring_elements	0.98802
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb
reference_id	CVE-2012-1775;OSVDB-80188
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-1775

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3k7q-7ux2-v3gc

url VCID-5q88-362x-8fbe

vulnerability_id VCID-5q88-362x-8fbe

summary Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1445

reference_id

reference_type

scores

value	0.01795
scoring_system	epss
scoring_elements	0.8308
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1445

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1445
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1445

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-1445

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q88-362x-8fbe

url VCID-6fe9-zqgp-rkey

vulnerability_id VCID-6fe9-zqgp-rkey

summary Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-1684

reference_id

reference_type

scores

value	0.0494
scoring_system	epss
scoring_elements	0.89785
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-1684

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fe9-zqgp-rkey

url VCID-78tg-e6np-x3ca

vulnerability_id VCID-78tg-e6np-x3ca

summary The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2937

reference_id

reference_type

scores

value	0.01382
scoring_system	epss
scoring_elements	0.80605
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2937

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2937
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2937

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-2937

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-78tg-e6np-x3ca

url VCID-7ayv-bxhg-37a2

vulnerability_id VCID-7ayv-bxhg-37a2

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4388

reference_id

reference_type

scores

value	0.03905
scoring_system	epss
scoring_elements	0.88485
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528
reference_id	726528
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2013-4388

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ayv-bxhg-37a2

url VCID-a7x2-a4kt-3yam

vulnerability_id VCID-a7x2-a4kt-3yam

summary VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6283

reference_id

reference_type

scores

value	0.09811
scoring_system	epss
scoring_elements	0.93093
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6283

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6283
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6283

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/27700.py
reference_id	OSVDB-96603;CVE-2013-6283
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/27700.py

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2013-6283

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7x2-a4kt-3yam

url VCID-a9mf-5dre-wfce

vulnerability_id VCID-a9mf-5dre-wfce

summary Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3377

reference_id

reference_type

scores

value	0.03905
scoring_system	epss
scoring_elements	0.88485
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665
reference_id	680665
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-3377

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9mf-5dre-wfce

url VCID-b67n-vqzx-j3ev

vulnerability_id VCID-b67n-vqzx-j3ev

summary Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0023

reference_id

reference_type

scores

value	0.11852
scoring_system	epss
scoring_elements	0.93841
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0023

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-0023

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b67n-vqzx-j3ev

url VCID-da5u-xxs1-dfe1

vulnerability_id VCID-da5u-xxs1-dfe1

summary

Multiple vulnerabilities have been found in VLC, the worst of which
    could lead to user-assisted execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-5855

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.57215
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-5855

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-5855

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-da5u-xxs1-dfe1

url VCID-duzt-8hry-afcq

vulnerability_id VCID-duzt-8hry-afcq

summary Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1776

reference_id

reference_type

scores

value	0.03903
scoring_system	epss
scoring_elements	0.8848
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1776

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-1776

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duzt-8hry-afcq

url VCID-dvtd-vjms-g3fr

vulnerability_id VCID-dvtd-vjms-g3fr

summary libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-5470

reference_id

reference_type

scores

value	0.16977
scoring_system	epss
scoring_elements	0.95083
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-5470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5470

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692130
reference_id	692130
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692130

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/21889.pl
reference_id	CVE-2012-5470;OSVDB-86685
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/21889.pl

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-5470

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dvtd-vjms-g3fr

url VCID-fq5r-txzc-gfdp

vulnerability_id VCID-fq5r-txzc-gfdp

summary Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2588

reference_id

reference_type

scores

value	0.03007
scoring_system	epss
scoring_elements	0.86813
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633675
reference_id	633675
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633675

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-2588

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fq5r-txzc-gfdp

url VCID-fyek-gh73-fybn

vulnerability_id VCID-fyek-gh73-fybn

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1868

reference_id

reference_type

scores

value	0.50657
scoring_system	epss
scoring_elements	0.97897
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/23201.txt
reference_id	OSVDB-88299;CVE-2013-1868
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/23201.txt

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2013-1868

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyek-gh73-fybn

url VCID-ge6q-4wte-nqg9

vulnerability_id VCID-ge6q-4wte-nqg9

summary VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1442

reference_id

reference_type

scores

value	0.0182
scoring_system	epss
scoring_elements	0.8318
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1442

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1442
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1442

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-1442

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge6q-4wte-nqg9

url VCID-htn6-yzy9-5bhh

vulnerability_id VCID-htn6-yzy9-5bhh

summary Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0021

reference_id

reference_type

scores

value	0.10195
scoring_system	epss
scoring_elements	0.9325
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0021

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-0021

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htn6-yzy9-5bhh

url VCID-jkex-a5gg-qbf4

vulnerability_id VCID-jkex-a5gg-qbf4

summary plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3245

reference_id

reference_type

scores

value	0.01865
scoring_system	epss
scoring_elements	0.83388
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3245

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245

reference_url

http://secunia.com/blog/372/

reference_id

372

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://secunia.com/blog/372/

reference_url

http://secunia.com/advisories/52956

reference_id

52956

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://secunia.com/advisories/52956

reference_url

http://www.securityfocus.com/bid/61032

reference_id

61032

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://www.securityfocus.com/bid/61032

reference_url

http://seclists.org/fulldisclosure/2013/Jul/71

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/71

reference_url

http://seclists.org/fulldisclosure/2013/Jul/77

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/77

reference_url

http://seclists.org/fulldisclosure/2013/Jul/79

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/79

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

reference_url

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia

reference_id

More-lies-from-Secunia

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2013-3245

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jkex-a5gg-qbf4

url VCID-kmyx-swec-bbg9

vulnerability_id VCID-kmyx-swec-bbg9

summary Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2062

reference_id

reference_type

scores

value	0.02991
scoring_system	epss
scoring_elements	0.8678
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2062
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2062

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581245
reference_id	581245
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581245

reference_url	https://security.gentoo.org/glsa/201310-13
reference_id	GLSA-201310-13
reference_type
scores
url	https://security.gentoo.org/glsa/201310-13

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-2062

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmyx-swec-bbg9

url VCID-n6au-6hme-2bgr

vulnerability_id VCID-n6au-6hme-2bgr

summary Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-1087

reference_id

reference_type

scores

value	0.11007
scoring_system	epss
scoring_elements	0.93546
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1087

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616156
reference_id	616156
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616156

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-1087

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n6au-6hme-2bgr

url VCID-ncpt-w2jn-xqer

vulnerability_id VCID-ncpt-w2jn-xqer

summary Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3623

reference_id

reference_type

scores

value	0.03687
scoring_system	epss
scoring_elements	0.88131
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3623

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-3623

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncpt-w2jn-xqer

url VCID-nszk-4m4b-dkdg

vulnerability_id VCID-nszk-4m4b-dkdg

summary

Multiple vulnerabilities have been found in VLC, the worst of which
    could lead to user-assisted execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6934

reference_id

reference_type

scores

value	0.03978
scoring_system	epss
scoring_elements	0.88593
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6934

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2013-6934

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nszk-4m4b-dkdg

url VCID-p9qv-v6j4-pufq

vulnerability_id VCID-p9qv-v6j4-pufq

summary Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2194

reference_id

reference_type

scores

value	0.12877
scoring_system	epss
scoring_elements	0.94163
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt
reference_id	CVE-2011-2194;OSVDB-73450
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-2194

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9qv-v6j4-pufq

url VCID-q36j-35sw-nkeh

vulnerability_id VCID-q36j-35sw-nkeh

summary Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3907

reference_id

reference_type

scores

value	0.02757
scoring_system	epss
scoring_elements	0.86255
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3907

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-3907

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q36j-35sw-nkeh

url VCID-qmva-vqp9-wkfq

vulnerability_id VCID-qmva-vqp9-wkfq

summary Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1441

reference_id

reference_type

scores

value	0.01795
scoring_system	epss
scoring_elements	0.8308
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1441

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1441
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1441

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-1441

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmva-vqp9-wkfq

url VCID-sp9r-p23e-zqhj

vulnerability_id VCID-sp9r-p23e-zqhj

summary The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1443

reference_id

reference_type

scores

value	0.00535
scoring_system	epss
scoring_elements	0.6772
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1443
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1443

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-1443

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sp9r-p23e-zqhj

url VCID-t4v1-1k8v-uybx

vulnerability_id VCID-t4v1-1k8v-uybx

summary The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1444

reference_id

reference_type

scores

value	0.019
scoring_system	epss
scoring_elements	0.83543
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1444

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1444
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1444

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-1444

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4v1-1k8v-uybx

url VCID-td8j-zjkp-hfdd

vulnerability_id VCID-td8j-zjkp-hfdd

summary taglib: Division by zero while parsing properties of certain MP4 audio files

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2396

reference_id

reference_type

scores

value	0.02037
scoring_system	epss
scoring_elements	0.84103
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=818583
reference_id	818583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=818583

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18757.txt
reference_id	CVE-2012-2396;OSVDB-81224
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18757.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2012-2396

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-td8j-zjkp-hfdd

url VCID-ufqp-rwut-g3dc

vulnerability_id VCID-ufqp-rwut-g3dc

summary The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0522

reference_id

reference_type

scores

value	0.66189
scoring_system	epss
scoring_elements	0.98542
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0522

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt
reference_id	CVE-2011-0522;OSVDB-72906;OSVDB-72905
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2011-0522

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ufqp-rwut-g3dc

url VCID-xcx2-72xy-wyd1

vulnerability_id VCID-xcx2-72xy-wyd1

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1954

reference_id

reference_type

scores

value	0.02271
scoring_system	epss
scoring_elements	0.84914
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705136
reference_id	705136
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705136

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2013-1954

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xcx2-72xy-wyd1

url VCID-y2ey-5xbq-2kdx

vulnerability_id VCID-y2ey-5xbq-2kdx

summary

Multiple vulnerabilities have been found in VLC, the worst of which
    could lead to user-assisted execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3124

reference_id

reference_type

scores

value	0.08392
scoring_system	epss
scoring_elements	0.92439
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3124

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/14750.txt
reference_id	CVE-2010-3124;OSVDB-67492
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/14750.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

aliases CVE-2010-3124

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2ey-5xbq-2kdx

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

Package Instance