| 0 |
| url |
VCID-2cm1-sqxz-h7d2 |
| vulnerability_id |
VCID-2cm1-sqxz-h7d2 |
| summary |
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25801 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02324 |
| scoring_system |
epss |
| scoring_elements |
0.85106 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.02324 |
| scoring_system |
epss |
| scoring_elements |
0.8513 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.02324 |
| scoring_system |
epss |
| scoring_elements |
0.85135 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.02324 |
| scoring_system |
epss |
| scoring_elements |
0.85129 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.02324 |
| scoring_system |
epss |
| scoring_elements |
0.85119 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25801 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-25801
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2cm1-sqxz-h7d2 |
|
| 1 |
|
| 2 |
| url |
VCID-2ymu-55hb-aydp |
| vulnerability_id |
VCID-2ymu-55hb-aydp |
| summary |
multiple issues |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8311 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07052 |
| scoring_system |
epss |
| scoring_elements |
0.91648 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.07052 |
| scoring_system |
epss |
| scoring_elements |
0.9166 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.07052 |
| scoring_system |
epss |
| scoring_elements |
0.91662 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.07052 |
| scoring_system |
epss |
| scoring_elements |
0.91659 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.07052 |
| scoring_system |
epss |
| scoring_elements |
0.91657 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8311 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2017-8311
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2ymu-55hb-aydp |
|
| 3 |
| url |
VCID-39m5-1raf-aqdk |
| vulnerability_id |
VCID-39m5-1raf-aqdk |
| summary |
multiple issues |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8312 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56837 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56888 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56896 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56884 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56869 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8312 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2017-8312
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-39m5-1raf-aqdk |
|
| 4 |
|
| 5 |
| url |
VCID-3maf-pscz-tqdu |
| vulnerability_id |
VCID-3maf-pscz-tqdu |
| summary |
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41325 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.2493 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25025 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.25013 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.2496 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00087 |
| scoring_system |
epss |
| scoring_elements |
0.24904 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-41325 |
|
| 1 |
|
| 2 |
| reference_url |
https://twitter.com/0xMitsurugi |
| reference_id |
0xMitsurugi |
| reference_type |
|
| scores |
| 0 |
| value |
7.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/ |
|
|
| url |
https://twitter.com/0xMitsurugi |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-41325
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3maf-pscz-tqdu |
|
| 6 |
|
| 7 |
| url |
VCID-5eeh-h7xt-vucx |
| vulnerability_id |
VCID-5eeh-h7xt-vucx |
| summary |
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14970 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00623 |
| scoring_system |
epss |
| scoring_elements |
0.70516 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00623 |
| scoring_system |
epss |
| scoring_elements |
0.70558 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00623 |
| scoring_system |
epss |
| scoring_elements |
0.70567 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00623 |
| scoring_system |
epss |
| scoring_elements |
0.70549 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00623 |
| scoring_system |
epss |
| scoring_elements |
0.70538 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14970 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14970
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5eeh-h7xt-vucx |
|
| 8 |
| url |
VCID-6a4e-han8-rfch |
| vulnerability_id |
VCID-6a4e-han8-rfch |
| summary |
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14534 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57258 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.5731 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57318 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57306 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57293 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14534 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14534
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6a4e-han8-rfch |
|
| 9 |
| url |
VCID-6ehu-psdp-gbf1 |
| vulnerability_id |
VCID-6ehu-psdp-gbf1 |
| summary |
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14533 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54237 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54293 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54302 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54291 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54268 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14533 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14533
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6ehu-psdp-gbf1 |
|
| 10 |
|
| 11 |
|
| 12 |
| url |
VCID-9j7y-wej7-b7f7 |
| vulnerability_id |
VCID-9j7y-wej7-b7f7 |
| summary |
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-46461 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.5796 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57969 |
| published_at |
2026-06-06T12:55:00Z |
|
| 2 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57958 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57944 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-46461 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-46461
|
| risk_score |
2.0 |
| exploitability |
0.5 |
| weighted_severity |
4.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9j7y-wej7-b7f7 |
|
| 13 |
| url |
VCID-9yyg-uwfq-nqdb |
| vulnerability_id |
VCID-9yyg-uwfq-nqdb |
| summary |
A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25804 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01001 |
| scoring_system |
epss |
| scoring_elements |
0.77349 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01001 |
| scoring_system |
epss |
| scoring_elements |
0.77377 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01001 |
| scoring_system |
epss |
| scoring_elements |
0.77387 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01001 |
| scoring_system |
epss |
| scoring_elements |
0.77376 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01001 |
| scoring_system |
epss |
| scoring_elements |
0.77367 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25804 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-25804
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9yyg-uwfq-nqdb |
|
| 14 |
| url |
VCID-ar92-98jc-g3dj |
| vulnerability_id |
VCID-ar92-98jc-g3dj |
| summary |
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5108 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.20819 |
| scoring_system |
epss |
| scoring_elements |
0.95721 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.20819 |
| scoring_system |
epss |
| scoring_elements |
0.95726 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.20819 |
| scoring_system |
epss |
| scoring_elements |
0.95731 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.20819 |
| scoring_system |
epss |
| scoring_elements |
0.95732 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-5108 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2016-5108
|
| risk_score |
7.6 |
| exploitability |
2.0 |
| weighted_severity |
3.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ar92-98jc-g3dj |
|
| 15 |
| url |
VCID-art7-mk68-gya1 |
| vulnerability_id |
VCID-art7-mk68-gya1 |
| summary |
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14498 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00582 |
| scoring_system |
epss |
| scoring_elements |
0.69332 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00582 |
| scoring_system |
epss |
| scoring_elements |
0.69372 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00582 |
| scoring_system |
epss |
| scoring_elements |
0.6938 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00582 |
| scoring_system |
epss |
| scoring_elements |
0.69371 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00582 |
| scoring_system |
epss |
| scoring_elements |
0.69356 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14498 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14498
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-art7-mk68-gya1 |
|
| 16 |
| url |
VCID-b1vz-1vqg-zff9 |
| vulnerability_id |
VCID-b1vz-1vqg-zff9 |
| summary |
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14777 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54237 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54293 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54302 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54291 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54268 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14777 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14777
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b1vz-1vqg-zff9 |
|
| 17 |
|
| 18 |
| url |
VCID-b6xd-jq9k-cfbt |
| vulnerability_id |
VCID-b6xd-jq9k-cfbt |
| summary |
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14535 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57705 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57756 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57765 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57755 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57743 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14535 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14535
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b6xd-jq9k-cfbt |
|
| 19 |
| url |
VCID-bcwr-buk9-7qa2 |
| vulnerability_id |
VCID-bcwr-buk9-7qa2 |
| summary |
A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25803 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51828 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51886 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51895 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51874 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51843 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25803 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-25803
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bcwr-buk9-7qa2 |
|
| 20 |
| url |
VCID-c41h-2jrt-23fz |
| vulnerability_id |
VCID-c41h-2jrt-23fz |
| summary |
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19857 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81364 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81392 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81395 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81393 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81388 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-19857 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-19857
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c41h-2jrt-23fz |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
| url |
VCID-e45m-7wd6-xqhg |
| vulnerability_id |
VCID-e45m-7wd6-xqhg |
| summary |
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47359 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37208 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37215 |
| published_at |
2026-06-06T12:55:00Z |
|
| 2 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37183 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.00164 |
| scoring_system |
epss |
| scoring_elements |
0.37144 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47359 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-47359
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e45m-7wd6-xqhg |
|
| 25 |
| url |
VCID-e87f-mt58-3kfh |
| vulnerability_id |
VCID-e87f-mt58-3kfh |
| summary |
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11516 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00601 |
| scoring_system |
epss |
| scoring_elements |
0.69865 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00601 |
| scoring_system |
epss |
| scoring_elements |
0.69904 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00601 |
| scoring_system |
epss |
| scoring_elements |
0.69913 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00601 |
| scoring_system |
epss |
| scoring_elements |
0.69903 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00601 |
| scoring_system |
epss |
| scoring_elements |
0.69892 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-11516 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-11516
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e87f-mt58-3kfh |
|
| 26 |
| url |
VCID-ea1z-zanh-eyfg |
| vulnerability_id |
VCID-ea1z-zanh-eyfg |
| summary |
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13962 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03227 |
| scoring_system |
epss |
| scoring_elements |
0.87301 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.03227 |
| scoring_system |
epss |
| scoring_elements |
0.87323 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.03227 |
| scoring_system |
epss |
| scoring_elements |
0.8732 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.03227 |
| scoring_system |
epss |
| scoring_elements |
0.87317 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.03227 |
| scoring_system |
epss |
| scoring_elements |
0.87314 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13962 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13962
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ea1z-zanh-eyfg |
|
| 27 |
| url |
VCID-ec9e-yh13-yuae |
| vulnerability_id |
VCID-ec9e-yh13-yuae |
| summary |
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14437 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00571 |
| scoring_system |
epss |
| scoring_elements |
0.69007 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00571 |
| scoring_system |
epss |
| scoring_elements |
0.69047 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00571 |
| scoring_system |
epss |
| scoring_elements |
0.69056 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00571 |
| scoring_system |
epss |
| scoring_elements |
0.6905 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00571 |
| scoring_system |
epss |
| scoring_elements |
0.69034 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14437 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14437
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ec9e-yh13-yuae |
|
| 28 |
| url |
VCID-erhv-p6z6-4fgw |
| vulnerability_id |
VCID-erhv-p6z6-4fgw |
| summary |
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14776 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62083 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62131 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62139 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62127 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00417 |
| scoring_system |
epss |
| scoring_elements |
0.62112 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14776 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14776
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-erhv-p6z6-4fgw |
|
| 29 |
| url |
VCID-eufn-wq9m-rua5 |
| vulnerability_id |
VCID-eufn-wq9m-rua5 |
| summary |
Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8313 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56858 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56909 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56917 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56905 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.5689 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8313 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2017-8313
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eufn-wq9m-rua5 |
|
| 30 |
|
| 31 |
| url |
VCID-gyxg-efc1-a3ee |
| vulnerability_id |
VCID-gyxg-efc1-a3ee |
| summary |
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-17670 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01254 |
| scoring_system |
epss |
| scoring_elements |
0.79699 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01254 |
| scoring_system |
epss |
| scoring_elements |
0.79725 |
| published_at |
2026-06-07T12:55:00Z |
|
| 2 |
| value |
0.01254 |
| scoring_system |
epss |
| scoring_elements |
0.7973 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01254 |
| scoring_system |
epss |
| scoring_elements |
0.79714 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-17670 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-17670
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gyxg-efc1-a3ee |
|
| 32 |
| url |
VCID-j5qs-dpjh-f3cs |
| vulnerability_id |
VCID-j5qs-dpjh-f3cs |
| summary |
arbitrary code execution |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-10699 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71872 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71911 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71918 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71897 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00675 |
| scoring_system |
epss |
| scoring_elements |
0.71882 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-10699 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
| 1 |
|
|
| aliases |
CVE-2017-10699
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j5qs-dpjh-f3cs |
|
| 33 |
|
| 34 |
| url |
VCID-k8aa-1nb6-f3c3 |
| vulnerability_id |
VCID-k8aa-1nb6-f3c3 |
| summary |
plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9301 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62319 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62365 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62372 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62361 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00421 |
| scoring_system |
epss |
| scoring_elements |
0.62346 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9301 |
|
| 1 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2017-9301
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k8aa-1nb6-f3c3 |
|
| 35 |
| url |
VCID-murd-k9xt-6bdk |
| vulnerability_id |
VCID-murd-k9xt-6bdk |
| summary |
multiple issues |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8310 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00183 |
| scoring_system |
epss |
| scoring_elements |
0.39763 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00183 |
| scoring_system |
epss |
| scoring_elements |
0.39849 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00183 |
| scoring_system |
epss |
| scoring_elements |
0.39853 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00183 |
| scoring_system |
epss |
| scoring_elements |
0.39826 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00183 |
| scoring_system |
epss |
| scoring_elements |
0.398 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-8310 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2017-8310
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-murd-k9xt-6bdk |
|
| 36 |
| url |
VCID-n3qa-tcg2-7fa9 |
| vulnerability_id |
VCID-n3qa-tcg2-7fa9 |
| summary |
VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-5949 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07445 |
| scoring_system |
epss |
| scoring_elements |
0.91896 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.07445 |
| scoring_system |
epss |
| scoring_elements |
0.91908 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.07445 |
| scoring_system |
epss |
| scoring_elements |
0.91909 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.07445 |
| scoring_system |
epss |
| scoring_elements |
0.91907 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-5949 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2015-5949
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n3qa-tcg2-7fa9 |
|
| 37 |
| url |
VCID-p74t-yceb-fyff |
| vulnerability_id |
VCID-p74t-yceb-fyff |
| summary |
An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13602 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.55001 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.55059 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.55067 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.55057 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.5504 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13602 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13602
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p74t-yceb-fyff |
|
| 38 |
|
| 39 |
| url |
VCID-r5wu-ff55-mqej |
| vulnerability_id |
VCID-r5wu-ff55-mqej |
| summary |
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26664 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53215 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53276 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53284 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53268 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53242 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26664 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-26664
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r5wu-ff55-mqej |
|
| 40 |
| url |
VCID-ra6h-qzvf-6ygq |
| vulnerability_id |
VCID-ra6h-qzvf-6ygq |
| summary |
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-5459 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01185 |
| scoring_system |
epss |
| scoring_elements |
0.79127 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01185 |
| scoring_system |
epss |
| scoring_elements |
0.79153 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01185 |
| scoring_system |
epss |
| scoring_elements |
0.79159 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01185 |
| scoring_system |
epss |
| scoring_elements |
0.7915 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01185 |
| scoring_system |
epss |
| scoring_elements |
0.79139 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-5459 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-5459
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ra6h-qzvf-6ygq |
|
| 41 |
| url |
VCID-sk6j-cy2t-a3d8 |
| vulnerability_id |
VCID-sk6j-cy2t-a3d8 |
| summary |
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14438 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0051 |
| scoring_system |
epss |
| scoring_elements |
0.66732 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.0051 |
| scoring_system |
epss |
| scoring_elements |
0.66773 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.0051 |
| scoring_system |
epss |
| scoring_elements |
0.66781 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.0051 |
| scoring_system |
epss |
| scoring_elements |
0.66766 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.0051 |
| scoring_system |
epss |
| scoring_elements |
0.66751 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14438 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14438
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sk6j-cy2t-a3d8 |
|
| 42 |
| url |
VCID-ubrv-zj1d-7bft |
| vulnerability_id |
VCID-ubrv-zj1d-7bft |
| summary |
Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF." |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-3941 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54178 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54234 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54243 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54233 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.5421 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-3941 |
|
| 1 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
|
| aliases |
CVE-2016-3941
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ubrv-zj1d-7bft |
|
| 43 |
| url |
VCID-vj52-2nf1-huda |
| vulnerability_id |
VCID-vj52-2nf1-huda |
| summary |
An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-19721 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01303 |
| scoring_system |
epss |
| scoring_elements |
0.80098 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01303 |
| scoring_system |
epss |
| scoring_elements |
0.80123 |
| published_at |
2026-06-07T12:55:00Z |
|
| 2 |
| value |
0.01303 |
| scoring_system |
epss |
| scoring_elements |
0.80128 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01303 |
| scoring_system |
epss |
| scoring_elements |
0.80115 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-19721 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-19721
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vj52-2nf1-huda |
|
| 44 |
|
| 45 |
| url |
VCID-xkhj-f8k9-nkfb |
| vulnerability_id |
VCID-xkhj-f8k9-nkfb |
| summary |
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14778 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54237 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54293 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54302 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54291 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00307 |
| scoring_system |
epss |
| scoring_elements |
0.54268 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-14778 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-14778
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xkhj-f8k9-nkfb |
|
| 46 |
|
| 47 |
| url |
VCID-y48v-wx35-83h1 |
| vulnerability_id |
VCID-y48v-wx35-83h1 |
| summary |
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-13428 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.07483 |
| scoring_system |
epss |
| scoring_elements |
0.91921 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.07483 |
| scoring_system |
epss |
| scoring_elements |
0.91934 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.07483 |
| scoring_system |
epss |
| scoring_elements |
0.91935 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.07483 |
| scoring_system |
epss |
| scoring_elements |
0.91933 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-13428 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-13428
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y48v-wx35-83h1 |
|
| 48 |
| url |
VCID-y5s8-jma2-qbgw |
| vulnerability_id |
VCID-y5s8-jma2-qbgw |
| summary |
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25802 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51828 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51886 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51895 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51874 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00282 |
| scoring_system |
epss |
| scoring_elements |
0.51843 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-25802 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-25802
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y5s8-jma2-qbgw |
|
| 49 |
| url |
VCID-y83r-eq34-ykbc |
| vulnerability_id |
VCID-y83r-eq34-ykbc |
| summary |
arbitrary code execution |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9300 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56897 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56948 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56956 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56944 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56929 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9300 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| purl |
pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2cm1-sqxz-h7d2 |
|
| 1 |
| vulnerability |
VCID-2gbt-e8k9-bfe3 |
|
| 2 |
| vulnerability |
VCID-3ae2-1yab-r3ep |
|
| 3 |
| vulnerability |
VCID-3maf-pscz-tqdu |
|
| 4 |
| vulnerability |
VCID-557y-hv8p-efhf |
|
| 5 |
| vulnerability |
VCID-5eeh-h7xt-vucx |
|
| 6 |
| vulnerability |
VCID-6a4e-han8-rfch |
|
| 7 |
| vulnerability |
VCID-6ehu-psdp-gbf1 |
|
| 8 |
| vulnerability |
VCID-89yv-t37p-tuaq |
|
| 9 |
| vulnerability |
VCID-96d2-udsw-rke5 |
|
| 10 |
| vulnerability |
VCID-9j7y-wej7-b7f7 |
|
| 11 |
| vulnerability |
VCID-9yyg-uwfq-nqdb |
|
| 12 |
| vulnerability |
VCID-art7-mk68-gya1 |
|
| 13 |
| vulnerability |
VCID-b1vz-1vqg-zff9 |
|
| 14 |
| vulnerability |
VCID-b1we-n5jv-53dv |
|
| 15 |
| vulnerability |
VCID-b6xd-jq9k-cfbt |
|
| 16 |
| vulnerability |
VCID-bcwr-buk9-7qa2 |
|
| 17 |
| vulnerability |
VCID-c41h-2jrt-23fz |
|
| 18 |
| vulnerability |
VCID-c5hg-us5r-77cq |
|
| 19 |
| vulnerability |
VCID-cshp-tets-gfbk |
|
| 20 |
| vulnerability |
VCID-cw49-sn3z-tfh7 |
|
| 21 |
| vulnerability |
VCID-e45m-7wd6-xqhg |
|
| 22 |
| vulnerability |
VCID-e87f-mt58-3kfh |
|
| 23 |
| vulnerability |
VCID-ea1z-zanh-eyfg |
|
| 24 |
| vulnerability |
VCID-ec9e-yh13-yuae |
|
| 25 |
| vulnerability |
VCID-erhv-p6z6-4fgw |
|
| 26 |
| vulnerability |
VCID-fkdd-mfrw-r7gm |
|
| 27 |
| vulnerability |
VCID-gyxg-efc1-a3ee |
|
| 28 |
| vulnerability |
VCID-j5qs-dpjh-f3cs |
|
| 29 |
| vulnerability |
VCID-jwe9-fx8s-xbcc |
|
| 30 |
| vulnerability |
VCID-p74t-yceb-fyff |
|
| 31 |
| vulnerability |
VCID-qjfd-tzwn-jyfg |
|
| 32 |
| vulnerability |
VCID-r5wu-ff55-mqej |
|
| 33 |
| vulnerability |
VCID-ra6h-qzvf-6ygq |
|
| 34 |
| vulnerability |
VCID-sk6j-cy2t-a3d8 |
|
| 35 |
| vulnerability |
VCID-vj52-2nf1-huda |
|
| 36 |
| vulnerability |
VCID-x78p-6scf-bydj |
|
| 37 |
| vulnerability |
VCID-xkhj-f8k9-nkfb |
|
| 38 |
| vulnerability |
VCID-xutf-mndc-8yd7 |
|
| 39 |
| vulnerability |
VCID-y48v-wx35-83h1 |
|
| 40 |
| vulnerability |
VCID-y5s8-jma2-qbgw |
|
| 41 |
| vulnerability |
VCID-y83r-eq34-ykbc |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.7-1~deb8u1 |
|
| 1 |
|
|
| aliases |
CVE-2017-9300
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y83r-eq34-ykbc |
|