Package Instance

reference_id

mms

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-07T14:49:06Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html

reference_url

reference_id

msg00034.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-07T14:49:06Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html

reference_url	https://usn.ubuntu.com/6783-1/
reference_id	USN-6783-1
reference_type
scores
url	https://usn.ubuntu.com/6783-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.20-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.20-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.20-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.20-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.20-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.20-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2023-47359

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2k3h-wwwc-skcr

url VCID-2tnv-ezk2-1bh3

vulnerability_id VCID-2tnv-ezk2-1bh3

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13962

reference_id

reference_type

scores

value	0.03227
scoring_system	epss
scoring_elements	0.87282
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-13962

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2tnv-ezk2-1bh3

url VCID-2wm4-zq6n-u7cw

vulnerability_id VCID-2wm4-zq6n-u7cw

summary Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2587

reference_id

reference_type

scores

value	0.03007
scoring_system	epss
scoring_elements	0.86813
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633674
reference_id	633674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633674

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.11-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.11-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-2587

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wm4-zq6n-u7cw

url VCID-2zt8-x7cs-63aw

vulnerability_id VCID-2zt8-x7cs-63aw

summary The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6684

reference_id

reference_type

scores

value	0.00877
scoring_system	epss
scoring_elements	0.75608
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6684

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318
reference_id	458318
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318

reference_url	https://security.gentoo.org/glsa/200803-13
reference_id	GLSA-200803-13
reference_type
scores
url	https://security.gentoo.org/glsa/200803-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-6684

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zt8-x7cs-63aw

url VCID-31tj-6sdh-kyc6

vulnerability_id VCID-31tj-6sdh-kyc6

summary Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-4048

reference_id

reference_type

scores

value	0.05247
scoring_system	epss
scoring_elements	0.90117
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342207
reference_id	342207
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342207

reference_url	https://security.gentoo.org/glsa/200601-06
reference_id	GLSA-200601-06
reference_type
scores
url	https://security.gentoo.org/glsa/200601-06

reference_url	https://security.gentoo.org/glsa/200602-01
reference_id	GLSA-200602-01
reference_type
scores
url	https://security.gentoo.org/glsa/200602-01

reference_url	https://security.gentoo.org/glsa/200603-03
reference_id	GLSA-200603-03
reference_type
scores
url	https://security.gentoo.org/glsa/200603-03

reference_url	https://usn.ubuntu.com/230-1/
reference_id	USN-230-1
reference_type
scores
url	https://usn.ubuntu.com/230-1/

reference_url	https://usn.ubuntu.com/230-2/
reference_id	USN-230-2
reference_type
scores
url	https://usn.ubuntu.com/230-2/

fixed_packages

url	pkg:deb/debian/vlc@0.8.4.debian-2?distro=trixie
purl	pkg:deb/debian/vlc@0.8.4.debian-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.4.debian-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2005-4048

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31tj-6sdh-kyc6

url VCID-39rv-ssyd-9bcd

vulnerability_id VCID-39rv-ssyd-9bcd

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5108

reference_id

reference_type

scores

value	0.20819
scoring_system	epss
scoring_elements	0.95708
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5108

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825728
reference_id	825728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825728

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41025.txt
reference_id	CVE-2016-5108
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41025.txt

reference_url	http://www.openwall.com/lists/oss-security/2016/05/27/3
reference_id	CVE-2016-5108
reference_type	exploit
scores
url	http://www.openwall.com/lists/oss-security/2016/05/27/3

reference_url	https://security.gentoo.org/glsa/201701-39
reference_id	GLSA-201701-39
reference_type
scores
url	https://security.gentoo.org/glsa/201701-39

fixed_packages

url	pkg:deb/debian/vlc@2.2.3-2?distro=trixie
purl	pkg:deb/debian/vlc@2.2.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.3-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2016-5108

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39rv-ssyd-9bcd

url VCID-3eqj-ey5s-rudn

vulnerability_id VCID-3eqj-ey5s-rudn

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9629

reference_id

reference_type

scores

value	0.01498
scoring_system	epss
scoring_elements	0.81426
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866
reference_id	775866
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie
purl	pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-9629

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3eqj-ey5s-rudn

url VCID-3fuz-525g-7qhn

vulnerability_id VCID-3fuz-525g-7qhn

summary libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3275

reference_id

reference_type

scores

value	0.86225
scoring_system	epss
scoring_elements	0.99415
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3275

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb
reference_id	CVE-2010-3275;OSVDB-71277
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.8-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-3275

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fuz-525g-7qhn

url VCID-3k7q-7ux2-v3gc

vulnerability_id VCID-3k7q-7ux2-v3gc

summary Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1775

reference_id

reference_type

scores

value	0.72888
scoring_system	epss
scoring_elements	0.98802
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb
reference_id	CVE-2012-1775;OSVDB-80188
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@2.0.1-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.1-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-1775

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3k7q-7ux2-v3gc

url VCID-3z8d-fmkm-vbg9

vulnerability_id VCID-3z8d-fmkm-vbg9

summary VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1769

reference_id

reference_type

scores

value	0.26634
scoring_system	epss
scoring_elements	0.96428
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1769

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1769
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1769

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140
reference_id	478140
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140

reference_url	https://security.gentoo.org/glsa/200804-25
reference_id	GLSA-200804-25
reference_type
scores
url	https://security.gentoo.org/glsa/200804-25

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-1769

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3z8d-fmkm-vbg9

url VCID-43c6-j159-yfbk

vulnerability_id VCID-43c6-j159-yfbk

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9626

reference_id

reference_type

scores

value	0.00338
scoring_system	epss
scoring_elements	0.56858
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866
reference_id	775866
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie
purl	pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-9626

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-43c6-j159-yfbk

url VCID-5973-1mjv-9qbt

vulnerability_id VCID-5973-1mjv-9qbt

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6077

reference_id

reference_type

scores

value	0.00537
scoring_system	epss
scoring_elements	0.67802
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1445

reference_url	https://security.gentoo.org/glsa/202005-10
reference_id	GLSA-202005-10
reference_type
scores
url	https://security.gentoo.org/glsa/202005-10

reference_url	https://usn.ubuntu.com/7239-1/
reference_id	USN-7239-1
reference_type
scores
url	https://usn.ubuntu.com/7239-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-6077

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5973-1mjv-9qbt

url VCID-5q88-362x-8fbe

vulnerability_id VCID-5q88-362x-8fbe

summary Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session.

references

reference_url

reference_id

reference_type

scores

value	0.01795
scoring_system	epss
scoring_elements	0.8308
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1445

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1445
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1445

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-1445

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q88-362x-8fbe

url VCID-68a3-djza-fkc6

vulnerability_id VCID-68a3-djza-fkc6

summary The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0984

reference_id

reference_type

scores

value	0.27188
scoring_system	epss
scoring_elements	0.96476
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0984

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467652
reference_id	467652
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467652

reference_url	https://security.gentoo.org/glsa/200803-13
reference_id	GLSA-200803-13
reference_type
scores
url	https://security.gentoo.org/glsa/200803-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.e-1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.e-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-0984

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-68a3-djza-fkc6

url VCID-68r2-pck9-xuhy

vulnerability_id VCID-68r2-pck9-xuhy

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14533

reference_id

reference_type

scores

value	0.00307
scoring_system	epss
scoring_elements	0.54196
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14533

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-68r2-pck9-xuhy

url VCID-6fe9-zqgp-rkey

vulnerability_id VCID-6fe9-zqgp-rkey

summary Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-1684

reference_id

reference_type

scores

value	0.0494
scoring_system	epss
scoring_elements	0.89785
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.8-3?distro=trixie
purl	pkg:deb/debian/vlc@1.1.8-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.8-3%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-1684

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fe9-zqgp-rkey

url VCID-6n3f-56gb-gffg

vulnerability_id VCID-6n3f-56gb-gffg

summary mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-51602

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.07698
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-51602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-51602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-51602

reference_url

https://code.videolan.org/videolan/vlc/-/issues/29146

reference_id

29146

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T17:35:28Z/

url

https://code.videolan.org/videolan/vlc/-/issues/29146

reference_url

https://www.videolan.org/security/sb-vlc3022.html

reference_id

sb-vlc3022.html

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T17:35:28Z/

url

https://www.videolan.org/security/sb-vlc3022.html

fixed_packages

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.22-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.22-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.22-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.22-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2025-51602

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6n3f-56gb-gffg

url VCID-6rmd-dk6h-1qgw

vulnerability_id VCID-6rmd-dk6h-1qgw

summary Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1300

reference_id

reference_type

scores

value	0.09687
scoring_system	epss
scoring_elements	0.93044
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1300

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24978.txt
reference_id	CVE-2004-1300;OSVDB-12474
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24978.txt

reference_url	https://www.securityfocus.com/bid/11969/info
reference_id	CVE-2004-1300;OSVDB-12474
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/11969/info

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2004-1300

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6rmd-dk6h-1qgw

url VCID-6wrh-29y2-tkes

vulnerability_id VCID-6wrh-29y2-tkes

summary

Multiple vulnerabilities in xine-lib might result in the remote execution
    of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0698

reference_id

reference_type

scores

value	0.02442
scoring_system	epss
scoring_elements	0.85427
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0698

reference_url	https://security.gentoo.org/glsa/201006-04
reference_id	GLSA-201006-04
reference_type
scores
url	https://security.gentoo.org/glsa/201006-04

reference_url	https://usn.ubuntu.com/746-1/
reference_id	USN-746-1
reference_type
scores
url	https://usn.ubuntu.com/746-1/

reference_url	https://usn.ubuntu.com/763-1/
reference_id	USN-763-1
reference_type
scores
url	https://usn.ubuntu.com/763-1/

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2009-0698

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wrh-29y2-tkes

url VCID-73kb-gdnz-13au

vulnerability_id VCID-73kb-gdnz-13au

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8312

reference_id

reference_type

scores

value	0.00338
scoring_system	epss
scoring_elements	0.5681
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313

reference_url	https://security.archlinux.org/ASA-201706-1
reference_id	ASA-201706-1
reference_type
scores
url	https://security.archlinux.org/ASA-201706-1

reference_url

reference_id

AVG-283

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2937

reference_url	https://security.gentoo.org/glsa/201707-10
reference_id	GLSA-201707-10
reference_type
scores
url	https://security.gentoo.org/glsa/201707-10

fixed_packages

url	pkg:deb/debian/vlc@2.2.6-1~deb9u1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.6-1~deb9u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.6-1~deb9u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-8312

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73kb-gdnz-13au

url VCID-78tg-e6np-x3ca

vulnerability_id VCID-78tg-e6np-x3ca

summary The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file.

references

reference_url

reference_id

reference_type

scores

value	0.01382
scoring_system	epss
scoring_elements	0.80605
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2937

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2937
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2937

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.3-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-2937

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-78tg-e6np-x3ca

url VCID-7aby-nugy-17f2

vulnerability_id VCID-7aby-nugy-17f2

summary VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-6440

reference_id

reference_type

scores

value	0.067
scoring_system	epss
scoring_elements	0.91389
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-6440

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6440
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6440

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@2.1.5-1?distro=trixie
purl	pkg:deb/debian/vlc@2.1.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.5-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-6440

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7aby-nugy-17f2

url VCID-7ayv-bxhg-37a2

vulnerability_id VCID-7ayv-bxhg-37a2

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4388

reference_id

reference_type

scores

value	0.03905
scoring_system	epss
scoring_elements	0.88485
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528
reference_id	726528
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@2.1.0-1?distro=trixie
purl	pkg:deb/debian/vlc@2.1.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.0-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-4388

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ayv-bxhg-37a2

url VCID-8g59-wc79-3qf9

vulnerability_id VCID-8g59-wc79-3qf9

summary requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1045

reference_id

reference_type

scores

value	0.10904
scoring_system	epss
scoring_elements	0.9351
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522170
reference_id	522170
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522170

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8213.pl
reference_id	OSVDB-52897;CVE-2009-1045
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8213.pl

fixed_packages

url	pkg:deb/debian/vlc@0.9.9a-1?distro=trixie
purl	pkg:deb/debian/vlc@0.9.9a-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.9.9a-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2009-1045

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8g59-wc79-3qf9

url VCID-97pe-web8-bffm

vulnerability_id VCID-97pe-web8-bffm

summary

Multiple vulnerabilities in xine-lib might result in the remote execution
    of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5246

reference_id

reference_type

scores

value	0.04348
scoring_system	epss
scoring_elements	0.89104
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5246

reference_url	https://security.gentoo.org/glsa/201006-04
reference_id	GLSA-201006-04
reference_type
scores
url	https://security.gentoo.org/glsa/201006-04

reference_url	https://usn.ubuntu.com/710-1/
reference_id	USN-710-1
reference_type
scores
url	https://usn.ubuntu.com/710-1/

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5246

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97pe-web8-bffm

url VCID-99jx-jjxn-93ad

vulnerability_id VCID-99jx-jjxn-93ad

summary Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3467

reference_id

reference_type

scores

value	0.0103
scoring_system	epss
scoring_elements	0.77614
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3467

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3467
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3467

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726
reference_id	429726
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-3467

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-99jx-jjxn-93ad

url VCID-9a2y-gsb8-93gr

vulnerability_id VCID-9a2y-gsb8-93gr

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8313

reference_id

reference_type

scores

value	0.00338
scoring_system	epss
scoring_elements	0.56834
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8313

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313

reference_url	https://security.gentoo.org/glsa/201707-10
reference_id	GLSA-201707-10
reference_type
scores
url	https://security.gentoo.org/glsa/201707-10

fixed_packages

url	pkg:deb/debian/vlc@2.2.5-1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-8313

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9a2y-gsb8-93gr

url VCID-a3mz-sz3c-afcd

vulnerability_id VCID-a3mz-sz3c-afcd

summary xine-lib: sdpplin_parse() Array Indexing Vulnerability

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0073.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0073.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0073

reference_id

reference_type

scores

value	0.01773
scoring_system	epss
scoring_elements	0.82977
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=438182
reference_id	438182
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=438182

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473057
reference_id	473057
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473057

reference_url	https://security.gentoo.org/glsa/200804-25
reference_id	GLSA-200804-25
reference_type
scores
url	https://security.gentoo.org/glsa/200804-25

reference_url	https://security.gentoo.org/glsa/200808-01
reference_id	GLSA-200808-01
reference_type
scores
url	https://security.gentoo.org/glsa/200808-01

reference_url	https://usn.ubuntu.com/635-1/
reference_id	USN-635-1
reference_type
scores
url	https://usn.ubuntu.com/635-1/

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.e-2?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.e-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-0073

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3mz-sz3c-afcd

url VCID-a49g-pab3-hyev

vulnerability_id VCID-a49g-pab3-hyev

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14776

reference_id

reference_type

scores

value	0.00417
scoring_system	epss
scoring_elements	0.62026
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14776

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a49g-pab3-hyev

url VCID-a5zh-edkn-g7d3

vulnerability_id VCID-a5zh-edkn-g7d3

summary VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-7340

reference_id

reference_type

scores

value	0.00443
scoring_system	epss
scoring_elements	0.63604
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-7340

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7340
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7340

fixed_packages

url	pkg:deb/debian/vlc@2.2.0~rc2-1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.0~rc2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-7340

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5zh-edkn-g7d3

url VCID-a7x2-a4kt-3yam

vulnerability_id VCID-a7x2-a4kt-3yam

summary VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6283

reference_id

reference_type

scores

value	0.09811
scoring_system	epss
scoring_elements	0.93093
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6283

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6283
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6283

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/27700.py
reference_id	OSVDB-96603;CVE-2013-6283
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/27700.py

fixed_packages

url	pkg:deb/debian/vlc@2.1.0-2?distro=trixie
purl	pkg:deb/debian/vlc@2.1.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-6283

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7x2-a4kt-3yam

url VCID-a9mf-5dre-wfce

vulnerability_id VCID-a9mf-5dre-wfce

summary Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3377

reference_id

reference_type

scores

value	0.03905
scoring_system	epss
scoring_elements	0.88485
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665
reference_id	680665
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@2.0.2-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-3377

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9mf-5dre-wfce

url VCID-aau5-3d7k-sfe9

vulnerability_id VCID-aau5-3d7k-sfe9

summary arbitrary code execution

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5439

reference_id

reference_type

scores

value	0.17012
scoring_system	epss
scoring_elements	0.9509
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930276
reference_id	930276
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930276

reference_url	https://security.archlinux.org/ASA-201906-22
reference_id	ASA-201906-22
reference_type
scores
url	https://security.archlinux.org/ASA-201906-22

reference_url

reference_id

AVG-998

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2024-46461

reference_url	https://security.gentoo.org/glsa/201908-23
reference_id	GLSA-201908-23
reference_type
scores
url	https://security.gentoo.org/glsa/201908-23

reference_url	https://usn.ubuntu.com/4074-1/
reference_id	USN-4074-1
reference_type
scores
url	https://usn.ubuntu.com/4074-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-5439

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aau5-3d7k-sfe9

url VCID-b58n-2gpc-a7ek

vulnerability_id VCID-b58n-2gpc-a7ek

summary security update

references

reference_url

reference_id

reference_type

scores

value	0.00353
scoring_system	epss
scoring_elements	0.57878
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-46461

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46461
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46461

reference_url

https://www.videolan.org/security/sb-vlc3021.html

reference_id

sb-vlc3021.html

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T15:37:59Z/

url

https://www.videolan.org/security/sb-vlc3021.html

reference_url	https://usn.ubuntu.com/7243-1/
reference_id	USN-7243-1
reference_type
scores
url	https://usn.ubuntu.com/7243-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2024-46461

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b58n-2gpc-a7ek

url VCID-b67n-vqzx-j3ev

vulnerability_id VCID-b67n-vqzx-j3ev

summary Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0023

reference_id

reference_type

scores

value	0.11852
scoring_system	epss
scoring_elements	0.93841
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0023

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.13-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.13-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.13-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-0023

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b67n-vqzx-j3ev

url VCID-c2qj-4wqv-ybfn

vulnerability_id VCID-c2qj-4wqv-ybfn

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25802

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51795
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804

reference_url	https://usn.ubuntu.com/6180-1/
reference_id	USN-6180-1
reference_type
scores
url	https://usn.ubuntu.com/6180-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2021-25802

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2qj-4wqv-ybfn

url VCID-ct1v-7zwr-3fcr

vulnerability_id VCID-ct1v-7zwr-3fcr

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13428

reference_id

reference_type

scores

value	0.0692
scoring_system	epss
scoring_elements	0.91538
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13428

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13428
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13428

reference_url	https://usn.ubuntu.com/6180-1/
reference_id	USN-6180-1
reference_type
scores
url	https://usn.ubuntu.com/6180-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.11-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.11-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-13428

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct1v-7zwr-3fcr

url VCID-cvbd-ydn7-cugm

vulnerability_id VCID-cvbd-ydn7-cugm

summary Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6681

reference_id

reference_type

scores

value	0.39044
scoring_system	epss
scoring_elements	0.97343
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318
reference_id	458318
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318

reference_url	https://security.gentoo.org/glsa/200803-13
reference_id	GLSA-200803-13
reference_type
scores
url	https://security.gentoo.org/glsa/200803-13

reference_url	https://security.gentoo.org/glsa/200804-25
reference_id	GLSA-200804-25
reference_type
scores
url	https://security.gentoo.org/glsa/200804-25

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5498.py
reference_id	OSVDB-44578;CVE-2008-1769;OSVDB-43702;CVE-2008-1489;OSVDB-43436;CVE-2008-0984;OSVDB-43002;CVE-2008-0296;OSVDB-42207;CVE-2008-0295;OSVDB-42194;CVE-2008-0073;OSVDB-42193;CVE-2007-6681
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5498.py

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-6681

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cvbd-ydn7-cugm

url VCID-cxmz-xy2h-hfaj

vulnerability_id VCID-cxmz-xy2h-hfaj

summary The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3564

reference_id

reference_type

scores

value	0.00233
scoring_system	epss
scoring_elements	0.46198
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3564

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564

fixed_packages

url	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-3564

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cxmz-xy2h-hfaj

url VCID-czjd-h9eu-x7d6

vulnerability_id VCID-czjd-h9eu-x7d6

summary Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1768

reference_id

reference_type

scores

value	0.01879
scoring_system	epss
scoring_elements	0.83454
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1768

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1768
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1768

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140
reference_id	478140
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140

reference_url	https://security.gentoo.org/glsa/200804-25
reference_id	GLSA-200804-25
reference_type
scores
url	https://security.gentoo.org/glsa/200804-25

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-1768

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-czjd-h9eu-x7d6

url VCID-da5u-xxs1-dfe1

vulnerability_id VCID-da5u-xxs1-dfe1

summary

Multiple vulnerabilities have been found in VLC, the worst of which
    could lead to user-assisted execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-5855

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.57215
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-5855

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-5855

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-da5u-xxs1-dfe1

url VCID-duzt-8hry-afcq

vulnerability_id VCID-duzt-8hry-afcq

summary Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1776

reference_id

reference_type

scores

value	0.03903
scoring_system	epss
scoring_elements	0.8848
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1776

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@2.0.1-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.1-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-1776

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duzt-8hry-afcq

url VCID-dv6p-47uf-8ucb

vulnerability_id VCID-dv6p-47uf-8ucb

summary Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1476

reference_id

reference_type

scores

value	0.02053
scoring_system	epss
scoring_elements	0.84163
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1476

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1476
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1476

reference_url	https://security.gentoo.org/glsa/200409-30
reference_id	GLSA-200409-30
reference_type
scores
url	https://security.gentoo.org/glsa/200409-30

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2004-1476

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dv6p-47uf-8ucb

url VCID-dvtd-vjms-g3fr

vulnerability_id VCID-dvtd-vjms-g3fr

summary libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-5470

reference_id

reference_type

scores

value	0.16977
scoring_system	epss
scoring_elements	0.95083
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-5470

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5470
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5470

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692130
reference_id	692130
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692130

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/21889.pl
reference_id	CVE-2012-5470;OSVDB-86685
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/21889.pl

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@2.0.4-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.4-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-5470

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dvtd-vjms-g3fr

url VCID-epg8-9q1w-b7gv

vulnerability_id VCID-epg8-9q1w-b7gv

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25801

reference_id

reference_type

scores

value	0.02324
scoring_system	epss
scoring_elements	0.8507
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804

reference_url	https://usn.ubuntu.com/6180-1/
reference_id	USN-6180-1
reference_type
scores
url	https://usn.ubuntu.com/6180-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2021-25801

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-epg8-9q1w-b7gv

url VCID-erfe-pg29-xfad

vulnerability_id VCID-erfe-pg29-xfad

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-25804

reference_id

reference_type

scores

value	0.01001
scoring_system	epss
scoring_elements	0.77298
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-25804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804

reference_url	https://usn.ubuntu.com/6180-1/
reference_id	USN-6180-1
reference_type
scores
url	https://usn.ubuntu.com/6180-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2021-25804

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erfe-pg29-xfad

url VCID-ezme-bbsg-4khs

vulnerability_id VCID-ezme-bbsg-4khs

summary plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-9301

reference_id

reference_type

scores

value	0.00421
scoring_system	epss
scoring_elements	0.62264
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9301

fixed_packages

url	pkg:deb/debian/vlc@2.2.5.1-1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.5.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5.1-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-9301

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezme-bbsg-4khs

url VCID-fewk-x4rv-bqbx

vulnerability_id VCID-fewk-x4rv-bqbx

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19721

reference_id

reference_type

scores

value	0.01303
scoring_system	epss
scoring_elements	0.80067
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url

https://security.archlinux.org/AVG-1145

reference_id

AVG-1145

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1145

reference_url	https://security.gentoo.org/glsa/202005-11
reference_id	GLSA-202005-11
reference_type
scores
url	https://security.gentoo.org/glsa/202005-11

reference_url	https://usn.ubuntu.com/6180-1/
reference_id	USN-6180-1
reference_type
scores
url	https://usn.ubuntu.com/6180-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.9.2-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.9.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.9.2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-19721

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fewk-x4rv-bqbx

url VCID-fq5r-txzc-gfdp

vulnerability_id VCID-fq5r-txzc-gfdp

summary Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2588

reference_id

reference_type

scores

value	0.03007
scoring_system	epss
scoring_elements	0.86813
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633675
reference_id	633675
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633675

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.11-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.11-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-2588

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fq5r-txzc-gfdp

url VCID-fret-qvh1-13gg

vulnerability_id VCID-fret-qvh1-13gg

summary xine-lib: various flaws (CVE-2008-5234 CVE-2008-5235 CVE-2008-5236 CVE-2008-5237 CVE-2008-5239 CVE-2008-5240 CVE-2008-5241 CVE-2008-5242 CVE-2008-5243 CVE-2008-5244 CVE-2008-5247)

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5235.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5235.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5235

reference_id

reference_type

scores

value	0.03478
scoring_system	epss
scoring_elements	0.87764
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5235

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=473234
reference_id	473234
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=473234

reference_url	https://security.gentoo.org/glsa/201006-04
reference_id	GLSA-201006-04
reference_type
scores
url	https://security.gentoo.org/glsa/201006-04

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5235

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fret-qvh1-13gg

url VCID-fyek-gh73-fybn

vulnerability_id VCID-fyek-gh73-fybn

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1868

reference_id

reference_type

scores

value	0.50657
scoring_system	epss
scoring_elements	0.97897
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/23201.txt
reference_id	OSVDB-88299;CVE-2013-1868
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/23201.txt

fixed_packages

url	pkg:deb/debian/vlc@2.0.5-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.5-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-1868

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyek-gh73-fybn

url VCID-g8zk-8fpn-yqb6

vulnerability_id VCID-g8zk-8fpn-yqb6

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5459

reference_id

reference_type

scores

value	0.01185
scoring_system	epss
scoring_elements	0.79095
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460

fixed_packages

url	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-5459

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8zk-8fpn-yqb6

url VCID-ge6q-4wte-nqg9

vulnerability_id VCID-ge6q-4wte-nqg9

summary VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1442

reference_id

reference_type

scores

value	0.0182
scoring_system	epss
scoring_elements	0.8318
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1442

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1442
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1442

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-1442

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge6q-4wte-nqg9

url VCID-gpn8-y9dh-q3dx

vulnerability_id VCID-gpn8-y9dh-q3dx

summary Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0296

reference_id

reference_type

scores

value	0.11636
scoring_system	epss
scoring_elements	0.93773
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0296
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0296

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544
reference_id	461544
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544

reference_url	https://security.gentoo.org/glsa/200803-13
reference_id	GLSA-200803-13
reference_type
scores
url	https://security.gentoo.org/glsa/200803-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-6?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-6%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-0296

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gpn8-y9dh-q3dx

url VCID-gyg9-wc51-7ybb

vulnerability_id VCID-gyg9-wc51-7ybb

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6079

reference_id

reference_type

scores

value	0.0062
scoring_system	epss
scoring_elements	0.70347
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1489

reference_url	https://security.gentoo.org/glsa/202005-10
reference_id	GLSA-202005-10
reference_type
scores
url	https://security.gentoo.org/glsa/202005-10

reference_url	https://usn.ubuntu.com/7239-1/
reference_id	USN-7239-1
reference_type
scores
url	https://usn.ubuntu.com/7239-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-6079

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyg9-wc51-7ybb

url VCID-h6u5-n817-h3d6

vulnerability_id VCID-h6u5-n817-h3d6

summary Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.

references

reference_url

reference_id

reference_type

scores

value	0.33213
scoring_system	epss
scoring_elements	0.96989
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472635
reference_id	472635
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472635

reference_url	https://security.gentoo.org/glsa/200804-25
reference_id	GLSA-200804-25
reference_type
scores
url	https://security.gentoo.org/glsa/200804-25

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.e-1.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.e-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-1.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-1489

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6u5-n817-h3d6

url VCID-h9x2-nkvh-cfan

vulnerability_id VCID-h9x2-nkvh-cfan

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14498

reference_id

reference_type

scores

value	0.00582
scoring_system	epss
scoring_elements	0.69266
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14498

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h9x2-nkvh-cfan

url VCID-haah-f18w-23fk

vulnerability_id VCID-haah-f18w-23fk

summary xine-lib contains an exploitable buffer overflow in the VCD handling code

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1475

reference_id

reference_type

scores

value	0.05483
scoring_system	epss
scoring_elements	0.90346
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1475

reference_url	https://security.gentoo.org/glsa/200408-18
reference_id	GLSA-200408-18
reference_type
scores
url	https://security.gentoo.org/glsa/200408-18

reference_url	https://security.gentoo.org/glsa/200409-30
reference_id	GLSA-200409-30
reference_type
scores
url	https://security.gentoo.org/glsa/200409-30

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/386.c
reference_id	OSVDB-10041;CVE-2004-1475
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/386.c

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2004-1475

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-haah-f18w-23fk

url VCID-harf-7fgm-e3bg

vulnerability_id VCID-harf-7fgm-e3bg

summary A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46814

reference_id

reference_type

scores

value	0.00107
scoring_system	epss
scoring_elements	0.28608
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46814

reference_url

https://www.videolan.org/security/sb-vlc3019.html

reference_id

sb-vlc3019.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T15:15:48Z/

url

https://www.videolan.org/security/sb-vlc3019.html

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2023-46814

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-harf-7fgm-e3bg

url VCID-htn6-yzy9-5bhh

vulnerability_id VCID-htn6-yzy9-5bhh

summary Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0021

reference_id

reference_type

scores

value	0.10195
scoring_system	epss
scoring_elements	0.9325
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0021

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie
purl	pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-0021

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htn6-yzy9-5bhh

url VCID-hw7c-scr8-3ubr

vulnerability_id VCID-hw7c-scr8-3ubr

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14777

reference_id

reference_type

scores

value	0.00307
scoring_system	epss
scoring_elements	0.54196
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14777

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hw7c-scr8-3ubr

url VCID-hx7y-pufr-yfcg

vulnerability_id VCID-hx7y-pufr-yfcg

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-26664

reference_id

reference_type

scores

value	0.00296
scoring_system	epss
scoring_elements	0.5318
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-26664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979676
reference_id	979676
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979676

reference_url	https://security.archlinux.org/ASA-202101-35
reference_id	ASA-202101-35
reference_type
scores
url	https://security.archlinux.org/ASA-202101-35

reference_url

https://security.archlinux.org/AVG-1423

reference_id

AVG-1423

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1423

reference_url	https://security.gentoo.org/glsa/202101-37
reference_id	GLSA-202101-37
reference_type
scores
url	https://security.gentoo.org/glsa/202101-37

fixed_packages

url	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.12-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-26664

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hx7y-pufr-yfcg

url VCID-hy5g-janm-k7db

vulnerability_id VCID-hy5g-janm-k7db

summary Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-4558

reference_id

reference_type

scores

value	0.19574
scoring_system	epss
scoring_elements	0.95514
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-4558

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502314
reference_id	502314
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502314

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/6756.txt
reference_id	OSVDB-63986;CVE-2008-4558;OSVDB-49112
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/6756.txt

reference_url	http://www.coresecurity.com/content/vlc-xspf-memory-corruption
reference_id	OSVDB-63986;CVE-2008-4558;OSVDB-49112
reference_type	exploit
scores
url	http://www.coresecurity.com/content/vlc-xspf-memory-corruption

fixed_packages

url	pkg:deb/debian/vlc@0.9.3-1?distro=trixie
purl	pkg:deb/debian/vlc@0.9.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.9.3-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-4558

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hy5g-janm-k7db

url VCID-j1ew-2wsn-ykfk

vulnerability_id VCID-j1ew-2wsn-ykfk

summary The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-1684

reference_id

reference_type

scores

value	0.1275
scoring_system	epss
scoring_elements	0.94114
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1684

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743033
reference_id	743033
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743033

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31429.py
reference_id	CVE-2014-1684;OSVDB-103019
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31429.py

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@2.1.4-1?distro=trixie
purl	pkg:deb/debian/vlc@2.1.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.4-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-1684

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1ew-2wsn-ykfk

url VCID-j1m9-4xjz-nfcs

vulnerability_id VCID-j1m9-4xjz-nfcs

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6933

reference_id

reference_type

scores

value	0.03355
scoring_system	epss
scoring_elements	0.87536
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6933

fixed_packages

url	pkg:deb/debian/vlc@2.1.4-1?distro=trixie
purl	pkg:deb/debian/vlc@2.1.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.4-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-6933

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1m9-4xjz-nfcs

url VCID-j4s2-bcsf-mkhj

vulnerability_id VCID-j4s2-bcsf-mkhj

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17670

reference_id

reference_type

scores

value	0.01254
scoring_system	epss
scoring_elements	0.7967
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17670

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17670

fixed_packages

url	pkg:deb/debian/vlc@3.0.0~rc2-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.0~rc2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.0~rc2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-17670

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4s2-bcsf-mkhj

url VCID-jk2v-69pf-7yea

vulnerability_id VCID-jk2v-69pf-7yea

summary Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3732

reference_id

reference_type

scores

value	0.32143
scoring_system	epss
scoring_elements	0.9691
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732

reference_url	https://security.gentoo.org/glsa/200809-06
reference_id	GLSA-200809-06
reference_type
scores
url	https://security.gentoo.org/glsa/200809-06

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6252.txt
reference_id	OSVDB-47541;CVE-2008-3732
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6252.txt

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.h-2?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.h-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-3732

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jk2v-69pf-7yea

url VCID-jkex-a5gg-qbf4

vulnerability_id VCID-jkex-a5gg-qbf4

summary plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3245

reference_id

reference_type

scores

value	0.01865
scoring_system	epss
scoring_elements	0.83388
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3245

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245

reference_url

http://secunia.com/blog/372/

reference_id

372

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://secunia.com/blog/372/

reference_url

http://secunia.com/advisories/52956

reference_id

52956

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://secunia.com/advisories/52956

reference_url

http://www.securityfocus.com/bid/61032

reference_id

61032

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://www.securityfocus.com/bid/61032

reference_url

http://seclists.org/fulldisclosure/2013/Jul/71

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/71

reference_url

http://seclists.org/fulldisclosure/2013/Jul/77

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/77

reference_url

http://seclists.org/fulldisclosure/2013/Jul/79

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://seclists.org/fulldisclosure/2013/Jul/79

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

reference_url

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia

reference_id

More-lies-from-Secunia

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/

url

http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia

fixed_packages

url	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-3245

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jkex-a5gg-qbf4

url VCID-k3tp-vnj7-q3f3

vulnerability_id VCID-k3tp-vnj7-q3f3

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8311

reference_id

reference_type

scores

value	0.07052
scoring_system	epss
scoring_elements	0.91627
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313

reference_url	https://security.archlinux.org/ASA-201706-1
reference_id	ASA-201706-1
reference_type
scores
url	https://security.archlinux.org/ASA-201706-1

reference_url

reference_id

AVG-283

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14778

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44514.py
reference_id	CVE-2017-8311
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44514.py

reference_url	https://security.gentoo.org/glsa/201707-10
reference_id	GLSA-201707-10
reference_type
scores
url	https://security.gentoo.org/glsa/201707-10

fixed_packages

url	pkg:deb/debian/vlc@2.2.5-1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-8311

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k3tp-vnj7-q3f3

url VCID-k937-r667-5fg5

vulnerability_id VCID-k937-r667-5fg5

summary

references

reference_url

reference_id

reference_type

scores

value	0.00307
scoring_system	epss
scoring_elements	0.54196
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14778

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k937-r667-5fg5

url VCID-kh3n-9s3z-sqhj

vulnerability_id VCID-kh3n-9s3z-sqhj

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6071

reference_id

reference_type

scores

value	0.00467
scoring_system	epss
scoring_elements	0.64749
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2062

reference_url	https://security.gentoo.org/glsa/202005-10
reference_id	GLSA-202005-10
reference_type
scores
url	https://security.gentoo.org/glsa/202005-10

reference_url	https://usn.ubuntu.com/7239-1/
reference_id	USN-7239-1
reference_type
scores
url	https://usn.ubuntu.com/7239-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-6071

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kh3n-9s3z-sqhj

url VCID-kmyx-swec-bbg9

vulnerability_id VCID-kmyx-swec-bbg9

summary Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.

references

reference_url

reference_id

reference_type

scores

value	0.02991
scoring_system	epss
scoring_elements	0.8678
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2062
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2062

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581245
reference_id	581245
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581245

reference_url	https://security.gentoo.org/glsa/201310-13
reference_id	GLSA-201310-13
reference_type
scores
url	https://security.gentoo.org/glsa/201310-13

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.0.1-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.1-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-2062

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmyx-swec-bbg9

url VCID-ky41-ymby-m7ey

vulnerability_id VCID-ky41-ymby-m7ey

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-8310

reference_id

reference_type

scores

value	0.00183
scoring_system	epss
scoring_elements	0.39771
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-8310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313

reference_url	https://security.archlinux.org/ASA-201706-1
reference_id	ASA-201706-1
reference_type
scores
url	https://security.archlinux.org/ASA-201706-1

reference_url

reference_id

AVG-283

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0904

reference_url	https://security.gentoo.org/glsa/201707-10
reference_id	GLSA-201707-10
reference_type
scores
url	https://security.gentoo.org/glsa/201707-10

fixed_packages

url	pkg:deb/debian/vlc@2.2.5.1-1~deb9u1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.5.1-1~deb9u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5.1-1~deb9u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-8310

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ky41-ymby-m7ey

url VCID-m6vp-3n9d-3yb8

vulnerability_id VCID-m6vp-3n9d-3yb8

summary VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file.

references

reference_url

reference_id

reference_type

scores

value	0.08065
scoring_system	epss
scoring_elements	0.92257
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0904

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18309.pl
reference_id	OSVDB-78618;CVE-2012-0904
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18309.pl

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-0904

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6vp-3n9d-3yb8

url VCID-mfeq-7yau-27aw

vulnerability_id VCID-mfeq-7yau-27aw

summary Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2430

reference_id

reference_type

scores

value	0.07893
scoring_system	epss
scoring_elements	0.92143
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489004
reference_id	489004
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489004

reference_url	https://security.gentoo.org/glsa/200807-13
reference_id	GLSA-200807-13
reference_type
scores
url	https://security.gentoo.org/glsa/200807-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.h-1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.h-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-2430

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mfeq-7yau-27aw

url VCID-mh6m-sbyf-dkag

vulnerability_id VCID-mh6m-sbyf-dkag

summary Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3565

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51819
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3565

fixed_packages

url	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-3565

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mh6m-sbyf-dkag

url VCID-mkyh-xdxg-dyg4

vulnerability_id VCID-mkyh-xdxg-dyg4

summary Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0295

reference_id

reference_type

scores

value	0.32938
scoring_system	epss
scoring_elements	0.96973
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0295

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544
reference_id	461544
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544

reference_url	https://security.gentoo.org/glsa/200803-13
reference_id	GLSA-200803-13
reference_type
scores
url	https://security.gentoo.org/glsa/200803-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-6?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-6%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-0295

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyh-xdxg-dyg4

url VCID-mmgn-gpwj-5ygx

vulnerability_id VCID-mmgn-gpwj-5ygx

summary

Multiple vulnerabilities in xine-lib might result in the remote execution
    of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5248

reference_id

reference_type

scores

value	0.00564
scoring_system	epss
scoring_elements	0.68711
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5248

reference_url	https://security.gentoo.org/glsa/201006-04
reference_id	GLSA-201006-04
reference_type
scores
url	https://security.gentoo.org/glsa/201006-04

reference_url	https://usn.ubuntu.com/710-1/
reference_id	USN-710-1
reference_type
scores
url	https://usn.ubuntu.com/710-1/

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5248

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmgn-gpwj-5ygx

url VCID-mp8n-w4cb-63h9

vulnerability_id VCID-mp8n-w4cb-63h9

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6080

reference_id

reference_type

scores

value	0.00311
scoring_system	epss
scoring_elements	0.54507
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9300

reference_url	https://security.gentoo.org/glsa/202005-10
reference_id	GLSA-202005-10
reference_type
scores
url	https://security.gentoo.org/glsa/202005-10

reference_url	https://usn.ubuntu.com/7239-1/
reference_id	USN-7239-1
reference_type
scores
url	https://usn.ubuntu.com/7239-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-6080

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mp8n-w4cb-63h9

url VCID-n48x-hmbw-sbeu

vulnerability_id VCID-n48x-hmbw-sbeu

summary arbitrary code execution

references

reference_url

reference_id

reference_type

scores

value	0.00339
scoring_system	epss
scoring_elements	0.56873
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-9300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300

reference_url	https://security.archlinux.org/ASA-201712-4
reference_id	ASA-201712-4
reference_type
scores
url	https://security.archlinux.org/ASA-201712-4

reference_url

reference_id

AVG-533

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10699

fixed_packages

url	pkg:deb/debian/vlc@2.2.6-3?distro=trixie
purl	pkg:deb/debian/vlc@2.2.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.6-3%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-9300

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n48x-hmbw-sbeu

url VCID-n5a7-1ffj-u3fa

vulnerability_id VCID-n5a7-1ffj-u3fa

summary arbitrary code execution

references

reference_url

reference_id

reference_type

scores

value	0.00675
scoring_system	epss
scoring_elements	0.71809
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300

reference_url	https://security.archlinux.org/ASA-201712-4
reference_id	ASA-201712-4
reference_type
scores
url	https://security.archlinux.org/ASA-201712-4

reference_url

reference_id

AVG-533

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1087

reference_url	https://usn.ubuntu.com/USN-4805-1/
reference_id	USN-USN-4805-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4805-1/

fixed_packages

url	pkg:deb/debian/vlc@2.2.6-3?distro=trixie
purl	pkg:deb/debian/vlc@2.2.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.6-3%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2017-10699

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n5a7-1ffj-u3fa

url VCID-n6au-6hme-2bgr

vulnerability_id VCID-n6au-6hme-2bgr

summary Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.

references

reference_url

reference_id

reference_type

scores

value	0.11007
scoring_system	epss
scoring_elements	0.93546
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1087

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616156
reference_id	616156
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616156

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.10-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.10-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-1087

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n6au-6hme-2bgr

url VCID-ncpt-w2jn-xqer

vulnerability_id VCID-ncpt-w2jn-xqer

summary Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-3623

reference_id

reference_type

scores

value	0.03687
scoring_system	epss
scoring_elements	0.88131
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-3623

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3623
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3623

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.3-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-3623

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncpt-w2jn-xqer

url VCID-nhfw-24cw-cqge

vulnerability_id VCID-nhfw-24cw-cqge

summary The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6683

reference_id

reference_type

scores

value	0.00895
scoring_system	epss
scoring_elements	0.75938
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6683

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318
reference_id	458318
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318

reference_url	https://security.gentoo.org/glsa/200803-13
reference_id	GLSA-200803-13
reference_type
scores
url	https://security.gentoo.org/glsa/200803-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-6683

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nhfw-24cw-cqge

url VCID-nmu8-cndc-nka7

vulnerability_id VCID-nmu8-cndc-nka7

summary Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2147

reference_id

reference_type

scores

value	0.00079
scoring_system	epss
scoring_elements	0.23392
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2147

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2147
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2147

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480724
reference_id	480724
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480724

reference_url	https://security.gentoo.org/glsa/200807-13
reference_id	GLSA-200807-13
reference_type
scores
url	https://security.gentoo.org/glsa/200807-13

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.e-2.2?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.e-2.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-2147

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmu8-cndc-nka7

url VCID-nszk-4m4b-dkdg

vulnerability_id VCID-nszk-4m4b-dkdg

summary

Multiple vulnerabilities have been found in VLC, the worst of which
    could lead to user-assisted execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-6934

reference_id

reference_type

scores

value	0.03978
scoring_system	epss
scoring_elements	0.88593
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-6934

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2013-6934

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nszk-4m4b-dkdg

url VCID-nw3h-5kpy-buhq

vulnerability_id VCID-nw3h-5kpy-buhq

summary

Multiple vulnerabilities in xine-lib might result in the remote execution
    of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5233

reference_id

reference_type

scores

value	0.01413
scoring_system	epss
scoring_elements	0.80848
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5233

reference_url	https://security.gentoo.org/glsa/201006-04
reference_id	GLSA-201006-04
reference_type
scores
url	https://security.gentoo.org/glsa/201006-04

reference_url	https://usn.ubuntu.com/710-1/
reference_id	USN-710-1
reference_type
scores
url	https://usn.ubuntu.com/710-1/

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5233

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw3h-5kpy-buhq

url VCID-p86b-zj2h-6fb9

vulnerability_id VCID-p86b-zj2h-6fb9

summary Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5032

reference_id

reference_type

scores

value	0.18203
scoring_system	epss
scoring_elements	0.95308
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5032

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5032
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5032

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504639
reference_id	504639
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504639

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9686.py
reference_id	CVE-2008-5032;OSVDB-49808
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9686.py

reference_url	https://security.gentoo.org/glsa/200812-24
reference_id	GLSA-200812-24
reference_type
scores
url	https://security.gentoo.org/glsa/200812-24

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.h-5?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.h-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-5%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5032

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p86b-zj2h-6fb9

url VCID-p9qv-v6j4-pufq

vulnerability_id VCID-p9qv-v6j4-pufq

summary Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2194

reference_id

reference_type

scores

value	0.12877
scoring_system	epss
scoring_elements	0.94163
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt
reference_id	CVE-2011-2194;OSVDB-73450
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.10-1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.10-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-2194

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9qv-v6j4-pufq

url VCID-pf1e-b2s2-ebfr

vulnerability_id VCID-pf1e-b2s2-ebfr

summary VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-0256

reference_id

reference_type

scores

value	0.21639
scoring_system	epss
scoring_elements	0.95823
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-0256

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0256
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0256

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407290
reference_id	407290
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407290

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/3119.py
reference_id	CVE-2007-0256
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/3119.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/29443.py
reference_id	CVE-2007-0256;OSVDB-39022
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/29443.py

reference_url	https://www.securityfocus.com/bid/22003/info
reference_id	CVE-2007-0256;OSVDB-39022
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/22003/info

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-0256

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pf1e-b2s2-ebfr

url VCID-pk5k-1v8q-37cp

vulnerability_id VCID-pk5k-1v8q-37cp

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9628

reference_id

reference_type

scores

value	0.01634
scoring_system	epss
scoring_elements	0.82218
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866
reference_id	775866
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie
purl	pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-9628

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pk5k-1v8q-37cp

url VCID-pmsk-muwc-uffz

vulnerability_id VCID-pmsk-muwc-uffz

summary Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9743

reference_id

reference_type

scores

value	0.00256
scoring_system	epss
scoring_elements	0.49116
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9743

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9743
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9743

fixed_packages

url	pkg:deb/debian/vlc@2.2.0~rc2-1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.0~rc2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-9743

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmsk-muwc-uffz

url VCID-q36j-35sw-nkeh

vulnerability_id VCID-q36j-35sw-nkeh

summary Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3907

reference_id

reference_type

scores

value	0.02757
scoring_system	epss
scoring_elements	0.86255
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3907

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.3-1squeeze1?distro=trixie
purl	pkg:deb/debian/vlc@1.1.3-1squeeze1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-3907

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q36j-35sw-nkeh

url VCID-q7v4-bzmj-fufj

vulnerability_id VCID-q7v4-bzmj-fufj

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41325

reference_id

reference_type

scores

value	0.00087
scoring_system	epss
scoring_elements	0.24946
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41325

reference_url

https://twitter.com/0xMitsurugi

reference_id

0xMitsurugi

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/

url

https://twitter.com/0xMitsurugi

reference_url

https://www.debian.org/security/2022/dsa-5297

reference_id

dsa-5297

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/

url

https://www.debian.org/security/2022/dsa-5297

reference_url	https://security.gentoo.org/glsa/202409-17
reference_id	GLSA-202409-17
reference_type
scores
url	https://security.gentoo.org/glsa/202409-17

reference_url

https://www.videolan.org/security/sb-vlc3018.html

reference_id

sb-vlc3018.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/

url

https://www.videolan.org/security/sb-vlc3018.html

reference_url	https://usn.ubuntu.com/6180-1/
reference_id	USN-6180-1
reference_type
scores
url	https://usn.ubuntu.com/6180-1/

reference_url

https://www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf

reference_id

vlc_vnc_int_overflow-CVE-2022-41325.pdf

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/

url

https://www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf

fixed_packages

url	pkg:deb/debian/vlc@3.0.18-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.18-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.18-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.18-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.18-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.18-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2022-41325

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7v4-bzmj-fufj

url VCID-qmva-vqp9-wkfq

vulnerability_id VCID-qmva-vqp9-wkfq

summary Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1441

reference_id

reference_type

scores

value	0.01795
scoring_system	epss
scoring_elements	0.8308
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1441

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1441
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1441

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-1441

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmva-vqp9-wkfq

url VCID-qqmh-7j5d-fyau

vulnerability_id VCID-qqmh-7j5d-fyau

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6072

reference_id

reference_type

scores

value	0.0112
scoring_system	epss
scoring_elements	0.78545
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3468

reference_url	https://security.gentoo.org/glsa/202005-10
reference_id	GLSA-202005-10
reference_type
scores
url	https://security.gentoo.org/glsa/202005-10

reference_url	https://usn.ubuntu.com/7239-1/
reference_id	USN-7239-1
reference_type
scores
url	https://usn.ubuntu.com/7239-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-6072

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qqmh-7j5d-fyau

100

url VCID-r5k9-wp2y-dkdx

vulnerability_id VCID-r5k9-wp2y-dkdx

summary input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.

references

reference_url

reference_id

reference_type

scores

value	0.0103
scoring_system	epss
scoring_elements	0.77614
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3468

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3468
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3468

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726
reference_id	429726
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c.debian-1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c.debian-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c.debian-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-3468

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r5k9-wp2y-dkdx

101

url VCID-r6ha-cnd9-8qhv

vulnerability_id VCID-r6ha-cnd9-8qhv

summary codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3441

reference_id

reference_type

scores

value	0.07967
scoring_system	epss
scoring_elements	0.92191
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3441

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39177.py
reference_id	CVE-2014-3441;OSVDB-106843
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39177.py

reference_url	https://www.securityfocus.com/bid/67315/info
reference_id	CVE-2014-3441;OSVDB-106843
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/67315/info

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-3441

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6ha-cnd9-8qhv

102

url VCID-ra3c-5cmg-3kbc

vulnerability_id VCID-ra3c-5cmg-3kbc

summary Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-0017

reference_id

reference_type

scores

value	0.51215
scoring_system	epss
scoring_elements	0.97924
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-0017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0017

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405425
reference_id	405425
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405425

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/3069.pl
reference_id	CVE-2007-0017
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/3069.pl

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/local/3070.pl
reference_id	CVE-2007-0017
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/local/3070.pl

reference_url	https://security.gentoo.org/glsa/200701-24
reference_id	GLSA-200701-24
reference_type
scores
url	https://security.gentoo.org/glsa/200701-24

fixed_packages

url	pkg:deb/debian/vlc@0.8.6-svn20061012.debian-1.2?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6-svn20061012.debian-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6-svn20061012.debian-1.2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-0017

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ra3c-5cmg-3kbc

103

url VCID-rtqa-7qnr-6kap

vulnerability_id VCID-rtqa-7qnr-6kap

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14438

reference_id

reference_type

scores

value	0.0051
scoring_system	epss
scoring_elements	0.66665
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14438

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rtqa-7qnr-6kap

104

url VCID-shrz-362s-4bcd

vulnerability_id VCID-shrz-362s-4bcd

summary Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3941

reference_id

reference_type

scores

value	0.00307
scoring_system	epss
scoring_elements	0.54139
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3941

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941

fixed_packages

url	pkg:deb/debian/vlc@2.2.0-1?distro=trixie
purl	pkg:deb/debian/vlc@2.2.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2016-3941

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shrz-362s-4bcd

105

url VCID-sjvw-g3qd-eyep

vulnerability_id VCID-sjvw-g3qd-eyep

summary xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1274.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1274.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1274

reference_id

reference_type

scores

value	0.03701
scoring_system	epss
scoring_elements	0.8815
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1274

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=495031
reference_id	495031
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=495031

reference_url	https://security.gentoo.org/glsa/201006-04
reference_id	GLSA-201006-04
reference_type
scores
url	https://security.gentoo.org/glsa/201006-04

reference_url	https://usn.ubuntu.com/763-1/
reference_id	USN-763-1
reference_type
scores
url	https://usn.ubuntu.com/763-1/

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2009-1274

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjvw-g3qd-eyep

106

url VCID-skfs-uz7r-mfbj

vulnerability_id VCID-skfs-uz7r-mfbj

summary

xine-lib is vulnerable to multiple buffer overflows when processing FLAC
    and ASF streams.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-1664

reference_id

reference_type

scores

value	0.06458
scoring_system	epss
scoring_elements	0.91212
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-1664

reference_url	https://security.gentoo.org/glsa/200604-16
reference_id	GLSA-200604-16
reference_type
scores
url	https://security.gentoo.org/glsa/200604-16

reference_url	https://security.gentoo.org/glsa/200802-12
reference_id	GLSA-200802-12
reference_type
scores
url	https://security.gentoo.org/glsa/200802-12

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/1641.pl
reference_id	OSVDB-42658;CVE-2008-1110;OSVDB-25004;CVE-2006-1664;OSVDB-24581
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/1641.pl

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2006-1664

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-skfs-uz7r-mfbj

107

url VCID-snpw-1gbj-2udf

vulnerability_id VCID-snpw-1gbj-2udf

summary

Multiple vulnerabilities have been found in VLC allowing remote
    attackers to execute arbitrary code or cause Denial of Service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9625

reference_id

reference_type

scores

value	0.01634
scoring_system	epss
scoring_elements	0.82218
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9625

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2014-9625

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snpw-1gbj-2udf

108

url VCID-sp9r-p23e-zqhj

vulnerability_id VCID-sp9r-p23e-zqhj

summary The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1443

reference_id

reference_type

scores

value	0.00535
scoring_system	epss
scoring_elements	0.6772
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1443
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1443

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-1443

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sp9r-p23e-zqhj

109

url VCID-svw6-aaq2-m3hf

vulnerability_id VCID-svw6-aaq2-m3hf

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5949

reference_id

reference_type

scores

value	0.07445
scoring_system	epss
scoring_elements	0.91872
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5949

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5949

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796255
reference_id	796255
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796255

reference_url	https://security.gentoo.org/glsa/201603-08
reference_id	GLSA-201603-08
reference_type
scores
url	https://security.gentoo.org/glsa/201603-08

fixed_packages

url	pkg:deb/debian/vlc@2.2.1-3?distro=trixie
purl	pkg:deb/debian/vlc@2.2.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.1-3%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2015-5949

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svw6-aaq2-m3hf

110

url VCID-t4v1-1k8v-uybx

vulnerability_id VCID-t4v1-1k8v-uybx

summary The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1444

reference_id

reference_type

scores

value	0.019
scoring_system	epss
scoring_elements	0.83543
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1444

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1444
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1444

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-1444

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4v1-1k8v-uybx

111

url VCID-t9s4-nm75-bkc7

vulnerability_id VCID-t9s4-nm75-bkc7

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-47360

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.26156
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-47360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360

reference_url

reference_id

mms

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:43:13Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html

reference_url

reference_id

msg00034.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:43:13Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html

reference_url	https://usn.ubuntu.com/6783-1/
reference_id	USN-6783-1
reference_type
scores
url	https://usn.ubuntu.com/6783-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.20-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.20-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.20-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.20-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.20-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.20-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2023-47360

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9s4-nm75-bkc7

112

url VCID-td8j-zjkp-hfdd

vulnerability_id VCID-td8j-zjkp-hfdd

summary taglib: Division by zero while parsing properties of certain MP4 audio files

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2396

reference_id

reference_type

scores

value	0.02037
scoring_system	epss
scoring_elements	0.84103
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=818583
reference_id	818583
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=818583

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18757.txt
reference_id	CVE-2012-2396;OSVDB-81224
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18757.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2012-2396

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-td8j-zjkp-hfdd

113

url VCID-tt91-ztvn-kbf6

vulnerability_id VCID-tt91-ztvn-kbf6

summary Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3316

reference_id

reference_type

scores

value	0.30256
scoring_system	epss
scoring_elements	0.96764
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3316

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3316
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3316

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726
reference_id	429726
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726

reference_url	https://security.gentoo.org/glsa/200707-12
reference_id	GLSA-200707-12
reference_type
scores
url	https://security.gentoo.org/glsa/200707-12

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-3316

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt91-ztvn-kbf6

114

url VCID-u3h3-qmbh-13br

vulnerability_id VCID-u3h3-qmbh-13br

summary Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

reference_id

reference_type

scores

value	0.82125
scoring_system	epss
scoring_elements	0.9923
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4654
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4654

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726
reference_id	502726
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16629.rb
reference_id	CVE-2008-4654;OSVDB-49181
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16629.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6798.pl
reference_id	OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6798.pl

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6825.pl
reference_id	OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6825.pl

fixed_packages

url	pkg:deb/debian/vlc@1.0.3-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.3-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-4654

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3h3-qmbh-13br

115

url VCID-u79p-e66u-43at

vulnerability_id VCID-u79p-e66u-43at

summary Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5276

reference_id

reference_type

scores

value	0.05924
scoring_system	epss
scoring_elements	0.90755
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5276

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5276
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5276

reference_url	https://security.gentoo.org/glsa/200812-24
reference_id	GLSA-200812-24
reference_type
scores
url	https://security.gentoo.org/glsa/200812-24

fixed_packages

url	pkg:deb/debian/vlc@0.9.8a-1?distro=trixie
purl	pkg:deb/debian/vlc@0.9.8a-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.9.8a-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5276

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u79p-e66u-43at

116

url VCID-ucjs-875y-afhs

vulnerability_id VCID-ucjs-875y-afhs

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14970

reference_id

reference_type

scores

value	0.00623
scoring_system	epss
scoring_elements	0.70462
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14970

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970

reference_url	https://security.gentoo.org/glsa/201909-02
reference_id	GLSA-201909-02
reference_type
scores
url	https://security.gentoo.org/glsa/201909-02

reference_url	https://usn.ubuntu.com/4131-1/
reference_id	USN-4131-1
reference_type
scores
url	https://usn.ubuntu.com/4131-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-14970

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ucjs-875y-afhs

117

url VCID-ufqp-rwut-g3dc

vulnerability_id VCID-ufqp-rwut-g3dc

summary The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0522

reference_id

reference_type

scores

value	0.66189
scoring_system	epss
scoring_elements	0.98542
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0522

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt
reference_id	CVE-2011-0522;OSVDB-72906;OSVDB-72905
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

fixed_packages

url	pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie
purl	pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze2%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2011-0522

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ufqp-rwut-g3dc

118

url VCID-ug67-e5a7-bugv

vulnerability_id VCID-ug67-e5a7-bugv

summary Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3794

reference_id

reference_type

scores

value	0.09199
scoring_system	epss
scoring_elements	0.9283
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496265
reference_id	496265
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496265

reference_url	https://security.gentoo.org/glsa/200809-06
reference_id	GLSA-200809-06
reference_type
scores
url	https://security.gentoo.org/glsa/200809-06

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6293.txt
reference_id	OSVDB-47836;CVE-2008-3794
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6293.txt

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.h-4?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.h-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-3794

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ug67-e5a7-bugv

119

url VCID-umcc-yy7j-2qc3

vulnerability_id VCID-umcc-yy7j-2qc3

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5460

reference_id

reference_type

scores

value	0.00914
scoring_system	epss
scoring_elements	0.76219
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5460

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460

fixed_packages

url	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-5460

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umcc-yy7j-2qc3

120

url VCID-un24-zjr5-t7d7

vulnerability_id VCID-un24-zjr5-t7d7

summary The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11516

reference_id

reference_type

scores

value	0.00601
scoring_system	epss
scoring_elements	0.69805
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11516

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11516

fixed_packages

url	pkg:deb/debian/vlc@3.0.2-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2018-11516

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-un24-zjr5-t7d7

121

url VCID-veky-7hh5-byhq

vulnerability_id VCID-veky-7hh5-byhq

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6073

reference_id

reference_type

scores

value	0.00549
scoring_system	epss
scoring_elements	0.68248
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5036

reference_url	https://security.gentoo.org/glsa/202005-10
reference_id	GLSA-202005-10
reference_type
scores
url	https://security.gentoo.org/glsa/202005-10

reference_url	https://usn.ubuntu.com/7239-1/
reference_id	USN-7239-1
reference_type
scores
url	https://usn.ubuntu.com/7239-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.8-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2020-6073

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-veky-7hh5-byhq

122

url VCID-vmmu-2y2z-yygw

vulnerability_id VCID-vmmu-2y2z-yygw

summary Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.

references

reference_url

reference_id

reference_type

scores

value	0.68724
scoring_system	epss
scoring_elements	0.98642
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5036

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5036
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5036

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/7051.pl
reference_id	CVE-2008-5036
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/7051.pl

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18548.rb
reference_id	CVE-2008-5036;OSVDB-49809
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18548.rb

reference_url	http://www.trapkit.de/advisories/TKADV2008-011.txt
reference_id	CVE-2008-5036;OSVDB-49809
reference_type	exploit
scores
url	http://www.trapkit.de/advisories/TKADV2008-011.txt

reference_url	https://security.gentoo.org/glsa/200812-24
reference_id	GLSA-200812-24
reference_type
scores
url	https://security.gentoo.org/glsa/200812-24

fixed_packages

url	pkg:deb/debian/vlc@1.0.3-1?distro=trixie
purl	pkg:deb/debian/vlc@1.0.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.3-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2008-5036

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vmmu-2y2z-yygw

123

url VCID-w7xq-byfg-affv

vulnerability_id VCID-w7xq-byfg-affv

summary arbitrary code execution

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12874

reference_id

reference_type

scores

value	0.00897
scoring_system	epss
scoring_elements	0.75957
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460

reference_url	https://security.archlinux.org/ASA-201906-22
reference_id	ASA-201906-22
reference_type
scores
url	https://security.archlinux.org/ASA-201906-22

reference_url

reference_id

AVG-998

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19857

reference_url	https://security.gentoo.org/glsa/201908-23
reference_id	GLSA-201908-23
reference_type
scores
url	https://security.gentoo.org/glsa/201908-23

reference_url	https://usn.ubuntu.com/4074-1/
reference_id	USN-4074-1
reference_type
scores
url	https://usn.ubuntu.com/4074-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2019-12874

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7xq-byfg-affv

124

url VCID-w9z6-r2x4-bbeh

vulnerability_id VCID-w9z6-r2x4-bbeh

summary security update

references

reference_url

reference_id

reference_type

scores

value	0.01486
scoring_system	epss
scoring_elements	0.81334
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19857

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915760
reference_id	915760
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915760

reference_url	https://usn.ubuntu.com/4074-1/
reference_id	USN-4074-1
reference_type
scores
url	https://usn.ubuntu.com/4074-1/

fixed_packages

url	pkg:deb/debian/vlc@3.0.4-4?distro=trixie
purl	pkg:deb/debian/vlc@3.0.4-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.4-4%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2018-19857

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9z6-r2x4-bbeh

125

url VCID-wfhz-6d7j-7ff5

vulnerability_id VCID-wfhz-6d7j-7ff5

summary Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-0364

reference_id

reference_type

scores

value	0.20632
scoring_system	epss
scoring_elements	0.95682
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-0364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0364

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318
reference_id	458318
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11174.c
reference_id	OSVDB-61895;CVE-2010-0364
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11174.c

fixed_packages

url	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
purl	pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2010-0364

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfhz-6d7j-7ff5

126

url VCID-wukc-mwey-5uar

vulnerability_id VCID-wukc-mwey-5uar

summary A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6262

reference_id

reference_type

scores

value	0.22802
scoring_system	epss
scoring_elements	0.95975
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6262

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4688.html
reference_id	OSVDB-42192;CVE-2007-6262
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4688.html

reference_url	http://www.coresecurity.com/?action=item&id=2035
reference_id	OSVDB-42192;CVE-2007-6262
reference_type	exploit
scores
url	http://www.coresecurity.com/?action=item&id=2035

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2007-6262

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wukc-mwey-5uar

127

url VCID-x2rm-v3qg-nbcb

vulnerability_id VCID-x2rm-v3qg-nbcb

summary Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2484

reference_id

reference_type

scores

value	0.71229
scoring_system	epss
scoring_elements	0.98736
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2484

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/16678.rb
reference_id	CVE-2009-2484;OSVDB-55509
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/16678.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9029.rb
reference_id	OSVDB-55509;CVE-2009-2484
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9029.rb

fixed_packages

url	pkg:deb/debian/vlc@0?distro=trixie
purl	pkg:deb/debian/vlc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

aliases CVE-2009-2484

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x2rm-v3qg-nbcb

128

url VCID-x5ac-mxn1-3kbb

vulnerability_id VCID-x5ac-mxn1-3kbb

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6078

reference_id

reference_type

scores

value	0.00549
scoring_system	epss
scoring_elements	0.68248
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080

reference_url	https://security.archlinux.org/ASA-202004-24
reference_id	ASA-202004-24
reference_type
scores
url	https://security.archlinux.org/ASA-202004-24

reference_url

reference_id

AVG-1136

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url