{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","type":"deb","namespace":"debian","name":"vlc","version":"3.0.23-0+deb13u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.0.23-3","latest_non_vulnerable_version":"3.0.23-3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80990?format=json","vulnerability_id":"VCID-1y7q-q949-kbcc","summary":"libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3276","reference_id":"","reference_type":"","scores":[{"value":"0.08557","scoring_system":"epss","scoring_elements":"0.92525","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3276"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364829?format=json","purl":"pkg:deb/debian/vlc@1.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-3276"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1y7q-q949-kbcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81107?format=json","vulnerability_id":"VCID-22fc-m3gp-u7g8","summary":"demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to \"class mismatching\" and the MKV_IS_ID macro.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0531","reference_id":"","reference_type":"","scores":[{"value":"0.7325","scoring_system":"epss","scoring_elements":"0.98817","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0531"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16637.rb","reference_id":"CVE-2011-0531;OSVDB-70698","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16637.rb"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364832?format=json","purl":"pkg:deb/debian/vlc@1.1.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-0531"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22fc-m3gp-u7g8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55746?format=json","vulnerability_id":"VCID-22m1-tnhb-3bhz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13602","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67805","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932131","reference_id":"932131","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932131"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4074-1/","reference_id":"USN-4074-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4074-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364862?format=json","purl":"pkg:deb/debian/vlc@3.0.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-13602"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22m1-tnhb-3bhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74824?format=json","vulnerability_id":"VCID-23v4-y3cm-hke2","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9630","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60884","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866","reference_id":"775866","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364848?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9630"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-23v4-y3cm-hke2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85514?format=json","vulnerability_id":"VCID-2k3h-wwwc-skcr","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47359","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37134","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360"},{"reference_url":"https://0xariana.github.io/blog/real_bugs/vlc/mms","reference_id":"mms","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-07T14:49:06Z/"}],"url":"https://0xariana.github.io/blog/real_bugs/vlc/mms"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html","reference_id":"msg00034.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-07T14:49:06Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html"},{"reference_url":"https://usn.ubuntu.com/6783-1/","reference_id":"USN-6783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6783-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364871?format=json","purl":"pkg:deb/debian/vlc@3.0.20-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364870?format=json","purl":"pkg:deb/debian/vlc@3.0.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364872?format=json","purl":"pkg:deb/debian/vlc@3.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2023-47359"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2k3h-wwwc-skcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79060?format=json","vulnerability_id":"VCID-2tnv-ezk2-1bh3","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13962","reference_id":"","reference_type":"","scores":[{"value":"0.03227","scoring_system":"epss","scoring_elements":"0.87282","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-13962"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2tnv-ezk2-1bh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81188?format=json","vulnerability_id":"VCID-2wm4-zq6n-u7cw","summary":"Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2587","reference_id":"","reference_type":"","scores":[{"value":"0.03007","scoring_system":"epss","scoring_elements":"0.86813","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633674","reference_id":"633674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633674"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364835?format=json","purl":"pkg:deb/debian/vlc@1.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-2587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wm4-zq6n-u7cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80588?format=json","vulnerability_id":"VCID-2zt8-x7cs-63aw","summary":"The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6684","reference_id":"","reference_type":"","scores":[{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75608","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6684"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318","reference_id":"458318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364810?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-6684"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zt8-x7cs-63aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80089?format=json","vulnerability_id":"VCID-31tj-6sdh-kyc6","summary":"Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4048","reference_id":"","reference_type":"","scores":[{"value":"0.05247","scoring_system":"epss","scoring_elements":"0.90117","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342207","reference_id":"342207","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342207"},{"reference_url":"https://security.gentoo.org/glsa/200601-06","reference_id":"GLSA-200601-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-06"},{"reference_url":"https://security.gentoo.org/glsa/200602-01","reference_id":"GLSA-200602-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-01"},{"reference_url":"https://security.gentoo.org/glsa/200603-03","reference_id":"GLSA-200603-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-03"},{"reference_url":"https://usn.ubuntu.com/230-1/","reference_id":"USN-230-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/230-1/"},{"reference_url":"https://usn.ubuntu.com/230-2/","reference_id":"USN-230-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/230-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364806?format=json","purl":"pkg:deb/debian/vlc@0.8.4.debian-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.4.debian-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2005-4048"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-31tj-6sdh-kyc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79245?format=json","vulnerability_id":"VCID-39rv-ssyd-9bcd","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5108","reference_id":"","reference_type":"","scores":[{"value":"0.20819","scoring_system":"epss","scoring_elements":"0.95708","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825728","reference_id":"825728","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825728"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41025.txt","reference_id":"CVE-2016-5108","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41025.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/05/27/3","reference_id":"CVE-2016-5108","reference_type":"exploit","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/05/27/3"},{"reference_url":"https://security.gentoo.org/glsa/201701-39","reference_id":"GLSA-201701-39","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-39"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364851?format=json","purl":"pkg:deb/debian/vlc@2.2.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2016-5108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39rv-ssyd-9bcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74822?format=json","vulnerability_id":"VCID-3eqj-ey5s-rudn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9629","reference_id":"","reference_type":"","scores":[{"value":"0.01498","scoring_system":"epss","scoring_elements":"0.81426","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866","reference_id":"775866","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364848?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9629"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3eqj-ey5s-rudn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80989?format=json","vulnerability_id":"VCID-3fuz-525g-7qhn","summary":"libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a \"dangling pointer vulnerability.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3275","reference_id":"","reference_type":"","scores":[{"value":"0.86225","scoring_system":"epss","scoring_elements":"0.99415","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb","reference_id":"CVE-2010-3275;OSVDB-71277","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364829?format=json","purl":"pkg:deb/debian/vlc@1.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-3275"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fuz-525g-7qhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81408?format=json","vulnerability_id":"VCID-3k7q-7ux2-v3gc","summary":"Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1775","reference_id":"","reference_type":"","scores":[{"value":"0.72888","scoring_system":"epss","scoring_elements":"0.98802","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb","reference_id":"CVE-2012-1775;OSVDB-80188","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364837?format=json","purl":"pkg:deb/debian/vlc@2.0.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-1775"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3k7q-7ux2-v3gc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80631?format=json","vulnerability_id":"VCID-3z8d-fmkm-vbg9","summary":"VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1769","reference_id":"","reference_type":"","scores":[{"value":"0.26634","scoring_system":"epss","scoring_elements":"0.96428","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140","reference_id":"478140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140"},{"reference_url":"https://security.gentoo.org/glsa/200804-25","reference_id":"GLSA-200804-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364815?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-1769"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3z8d-fmkm-vbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74817?format=json","vulnerability_id":"VCID-43c6-j159-yfbk","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9626","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56858","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866","reference_id":"775866","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364848?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9626"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43c6-j159-yfbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53085?format=json","vulnerability_id":"VCID-5973-1mjv-9qbt","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6077","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67802","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6077"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5973-1mjv-9qbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80925?format=json","vulnerability_id":"VCID-5q88-362x-8fbe","summary":"Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1445","reference_id":"","reference_type":"","scores":[{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.8308","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1445"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1445","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1445"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364826?format=json","purl":"pkg:deb/debian/vlc@1.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-1445"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5q88-362x-8fbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80622?format=json","vulnerability_id":"VCID-68a3-djza-fkc6","summary":"The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0984","reference_id":"","reference_type":"","scores":[{"value":"0.27188","scoring_system":"epss","scoring_elements":"0.96476","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467652","reference_id":"467652","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467652"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364813?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-0984"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68a3-djza-fkc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54558?format=json","vulnerability_id":"VCID-68r2-pck9-xuhy","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14533","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14533"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68r2-pck9-xuhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81148?format=json","vulnerability_id":"VCID-6fe9-zqgp-rkey","summary":"Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1684","reference_id":"","reference_type":"","scores":[{"value":"0.0494","scoring_system":"epss","scoring_elements":"0.89785","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364834?format=json","purl":"pkg:deb/debian/vlc@1.1.8-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.8-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-1684"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6fe9-zqgp-rkey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86442?format=json","vulnerability_id":"VCID-6n3f-56gb-gffg","summary":"mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-51602","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07698","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-51602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-51602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-51602"},{"reference_url":"https://code.videolan.org/videolan/vlc/-/issues/29146","reference_id":"29146","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T17:35:28Z/"}],"url":"https://code.videolan.org/videolan/vlc/-/issues/29146"},{"reference_url":"https://www.videolan.org/security/sb-vlc3022.html","reference_id":"sb-vlc3022.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T17:35:28Z/"}],"url":"https://www.videolan.org/security/sb-vlc3022.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364875?format=json","purl":"pkg:deb/debian/vlc@3.0.22-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364878?format=json","purl":"pkg:deb/debian/vlc@3.0.22-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364877?format=json","purl":"pkg:deb/debian/vlc@3.0.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364876?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2025-51602"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6n3f-56gb-gffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91420?format=json","vulnerability_id":"VCID-6rmd-dk6h-1qgw","summary":"Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1300","reference_id":"","reference_type":"","scores":[{"value":"0.09687","scoring_system":"epss","scoring_elements":"0.93044","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1300"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24978.txt","reference_id":"CVE-2004-1300;OSVDB-12474","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24978.txt"},{"reference_url":"https://www.securityfocus.com/bid/11969/info","reference_id":"CVE-2004-1300;OSVDB-12474","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/11969/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2004-1300"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rmd-dk6h-1qgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88519?format=json","vulnerability_id":"VCID-6wrh-29y2-tkes","summary":"Multiple vulnerabilities in xine-lib might result in the remote execution\n    of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0698","reference_id":"","reference_type":"","scores":[{"value":"0.02442","scoring_system":"epss","scoring_elements":"0.85427","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0698"},{"reference_url":"https://security.gentoo.org/glsa/201006-04","reference_id":"GLSA-201006-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-04"},{"reference_url":"https://usn.ubuntu.com/746-1/","reference_id":"USN-746-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/746-1/"},{"reference_url":"https://usn.ubuntu.com/763-1/","reference_id":"USN-763-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/763-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2009-0698"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6wrh-29y2-tkes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74236?format=json","vulnerability_id":"VCID-73kb-gdnz-13au","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8312","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.5681","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313"},{"reference_url":"https://security.archlinux.org/ASA-201706-1","reference_id":"ASA-201706-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-1"},{"reference_url":"https://security.archlinux.org/AVG-283","reference_id":"AVG-283","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-283"},{"reference_url":"https://security.gentoo.org/glsa/201707-10","reference_id":"GLSA-201707-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364856?format=json","purl":"pkg:deb/debian/vlc@2.2.6-1~deb9u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.6-1~deb9u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-8312"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73kb-gdnz-13au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80975?format=json","vulnerability_id":"VCID-78tg-e6np-x3ca","summary":"The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2937","reference_id":"","reference_type":"","scores":[{"value":"0.01382","scoring_system":"epss","scoring_elements":"0.80605","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2937"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364828?format=json","purl":"pkg:deb/debian/vlc@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-2937"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-78tg-e6np-x3ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81885?format=json","vulnerability_id":"VCID-7aby-nugy-17f2","summary":"VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6440","reference_id":"","reference_type":"","scores":[{"value":"0.067","scoring_system":"epss","scoring_elements":"0.91389","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6440"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364847?format=json","purl":"pkg:deb/debian/vlc@2.1.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-6440"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7aby-nugy-17f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70447?format=json","vulnerability_id":"VCID-7ayv-bxhg-37a2","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4388","reference_id":"","reference_type":"","scores":[{"value":"0.03905","scoring_system":"epss","scoring_elements":"0.88485","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528","reference_id":"726528","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364843?format=json","purl":"pkg:deb/debian/vlc@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-4388"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ayv-bxhg-37a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80796?format=json","vulnerability_id":"VCID-8g59-wc79-3qf9","summary":"requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1045","reference_id":"","reference_type":"","scores":[{"value":"0.10904","scoring_system":"epss","scoring_elements":"0.9351","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522170","reference_id":"522170","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522170"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8213.pl","reference_id":"OSVDB-52897;CVE-2009-1045","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8213.pl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364825?format=json","purl":"pkg:deb/debian/vlc@0.9.9a-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.9.9a-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2009-1045"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8g59-wc79-3qf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88516?format=json","vulnerability_id":"VCID-97pe-web8-bffm","summary":"Multiple vulnerabilities in xine-lib might result in the remote execution\n    of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5246","reference_id":"","reference_type":"","scores":[{"value":"0.04348","scoring_system":"epss","scoring_elements":"0.89104","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5246"},{"reference_url":"https://security.gentoo.org/glsa/201006-04","reference_id":"GLSA-201006-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-04"},{"reference_url":"https://usn.ubuntu.com/710-1/","reference_id":"USN-710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5246"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97pe-web8-bffm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80476?format=json","vulnerability_id":"VCID-99jx-jjxn-93ad","summary":"Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3467","reference_id":"","reference_type":"","scores":[{"value":"0.0103","scoring_system":"epss","scoring_elements":"0.77614","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3467"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726","reference_id":"429726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364808?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-3467"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-99jx-jjxn-93ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79314?format=json","vulnerability_id":"VCID-9a2y-gsb8-93gr","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8313","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56834","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313"},{"reference_url":"https://security.gentoo.org/glsa/201707-10","reference_id":"GLSA-201707-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364855?format=json","purl":"pkg:deb/debian/vlc@2.2.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-8313"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9a2y-gsb8-93gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78620?format=json","vulnerability_id":"VCID-a3mz-sz3c-afcd","summary":"xine-lib: sdpplin_parse() Array Indexing Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0073.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0073","reference_id":"","reference_type":"","scores":[{"value":"0.01773","scoring_system":"epss","scoring_elements":"0.82977","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=438182","reference_id":"438182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=438182"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473057","reference_id":"473057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473057"},{"reference_url":"https://security.gentoo.org/glsa/200804-25","reference_id":"GLSA-200804-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-25"},{"reference_url":"https://security.gentoo.org/glsa/200808-01","reference_id":"GLSA-200808-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200808-01"},{"reference_url":"https://usn.ubuntu.com/635-1/","reference_id":"USN-635-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/635-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364811?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-0073"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3mz-sz3c-afcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70280?format=json","vulnerability_id":"VCID-a49g-pab3-hyev","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14776","reference_id":"","reference_type":"","scores":[{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.62026","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14776"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a49g-pab3-hyev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81775?format=json","vulnerability_id":"VCID-a5zh-edkn-g7d3","summary":"VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7340","reference_id":"","reference_type":"","scores":[{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63604","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364846?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-7340"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a5zh-edkn-g7d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81742?format=json","vulnerability_id":"VCID-a7x2-a4kt-3yam","summary":"VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6283","reference_id":"","reference_type":"","scores":[{"value":"0.09811","scoring_system":"epss","scoring_elements":"0.93093","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6283"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/27700.py","reference_id":"OSVDB-96603;CVE-2013-6283","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/27700.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364844?format=json","purl":"pkg:deb/debian/vlc@2.1.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-6283"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7x2-a4kt-3yam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81487?format=json","vulnerability_id":"VCID-a9mf-5dre-wfce","summary":"Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3377","reference_id":"","reference_type":"","scores":[{"value":"0.03905","scoring_system":"epss","scoring_elements":"0.88485","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665","reference_id":"680665","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364838?format=json","purl":"pkg:deb/debian/vlc@2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-3377"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9mf-5dre-wfce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72593?format=json","vulnerability_id":"VCID-aau5-3d7k-sfe9","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5439","reference_id":"","reference_type":"","scores":[{"value":"0.17012","scoring_system":"epss","scoring_elements":"0.9509","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930276","reference_id":"930276","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930276"},{"reference_url":"https://security.archlinux.org/ASA-201906-22","reference_id":"ASA-201906-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201906-22"},{"reference_url":"https://security.archlinux.org/AVG-998","reference_id":"AVG-998","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-998"},{"reference_url":"https://security.gentoo.org/glsa/201908-23","reference_id":"GLSA-201908-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201908-23"},{"reference_url":"https://usn.ubuntu.com/4074-1/","reference_id":"USN-4074-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4074-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364861?format=json","purl":"pkg:deb/debian/vlc@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-5439"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aau5-3d7k-sfe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85962?format=json","vulnerability_id":"VCID-b58n-2gpc-a7ek","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46461","reference_id":"","reference_type":"","scores":[{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57878","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-46461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46461","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46461"},{"reference_url":"https://www.videolan.org/security/sb-vlc3021.html","reference_id":"sb-vlc3021.html","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T15:37:59Z/"}],"url":"https://www.videolan.org/security/sb-vlc3021.html"},{"reference_url":"https://usn.ubuntu.com/7243-1/","reference_id":"USN-7243-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7243-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364873?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364874?format=json","purl":"pkg:deb/debian/vlc@3.0.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2024-46461"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b58n-2gpc-a7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81332?format=json","vulnerability_id":"VCID-b67n-vqzx-j3ev","summary":"Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0023","reference_id":"","reference_type":"","scores":[{"value":"0.11852","scoring_system":"epss","scoring_elements":"0.93841","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0023"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364836?format=json","purl":"pkg:deb/debian/vlc@1.1.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-0023"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b67n-vqzx-j3ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79452?format=json","vulnerability_id":"VCID-c2qj-4wqv-ybfn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25802","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364866?format=json","purl":"pkg:deb/debian/vlc@3.0.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2021-25802"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2qj-4wqv-ybfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57090?format=json","vulnerability_id":"VCID-ct1v-7zwr-3fcr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13428","reference_id":"","reference_type":"","scores":[{"value":"0.0692","scoring_system":"epss","scoring_elements":"0.91538","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13428"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13428","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13428"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364865?format=json","purl":"pkg:deb/debian/vlc@3.0.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-13428"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ct1v-7zwr-3fcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80585?format=json","vulnerability_id":"VCID-cvbd-ydn7-cugm","summary":"Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6681","reference_id":"","reference_type":"","scores":[{"value":"0.39044","scoring_system":"epss","scoring_elements":"0.97343","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318","reference_id":"458318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"},{"reference_url":"https://security.gentoo.org/glsa/200804-25","reference_id":"GLSA-200804-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-25"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5498.py","reference_id":"OSVDB-44578;CVE-2008-1769;OSVDB-43702;CVE-2008-1489;OSVDB-43436;CVE-2008-0984;OSVDB-43002;CVE-2008-0296;OSVDB-42207;CVE-2008-0295;OSVDB-42194;CVE-2008-0073;OSVDB-42193;CVE-2007-6681","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5498.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364810?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-6681"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvbd-ydn7-cugm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81702?format=json","vulnerability_id":"VCID-cxmz-xy2h-hfaj","summary":"The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3564","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46198","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364842?format=json","purl":"pkg:deb/debian/vlc@2.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-3564"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxmz-xy2h-hfaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80630?format=json","vulnerability_id":"VCID-czjd-h9eu-x7d6","summary":"Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1768","reference_id":"","reference_type":"","scores":[{"value":"0.01879","scoring_system":"epss","scoring_elements":"0.83454","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1768"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1768","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1768"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140","reference_id":"478140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478140"},{"reference_url":"https://security.gentoo.org/glsa/200804-25","reference_id":"GLSA-200804-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364815?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-1768"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-czjd-h9eu-x7d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88162?format=json","vulnerability_id":"VCID-da5u-xxs1-dfe1","summary":"Multiple vulnerabilities have been found in VLC, the worst of which\n    could lead to user-assisted execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5855","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57215","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5855"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-5855"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-da5u-xxs1-dfe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81409?format=json","vulnerability_id":"VCID-duzt-8hry-afcq","summary":"Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1776","reference_id":"","reference_type":"","scores":[{"value":"0.03903","scoring_system":"epss","scoring_elements":"0.8848","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1776"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364837?format=json","purl":"pkg:deb/debian/vlc@2.0.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-1776"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-duzt-8hry-afcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79809?format=json","vulnerability_id":"VCID-dv6p-47uf-8ucb","summary":"Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1476","reference_id":"","reference_type":"","scores":[{"value":"0.02053","scoring_system":"epss","scoring_elements":"0.84163","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1476"},{"reference_url":"https://security.gentoo.org/glsa/200409-30","reference_id":"GLSA-200409-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200409-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2004-1476"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv6p-47uf-8ucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81575?format=json","vulnerability_id":"VCID-dvtd-vjms-g3fr","summary":"libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5470","reference_id":"","reference_type":"","scores":[{"value":"0.16977","scoring_system":"epss","scoring_elements":"0.95083","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5470"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692130","reference_id":"692130","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692130"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/21889.pl","reference_id":"CVE-2012-5470;OSVDB-86685","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/21889.pl"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364839?format=json","purl":"pkg:deb/debian/vlc@2.0.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-5470"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dvtd-vjms-g3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79451?format=json","vulnerability_id":"VCID-epg8-9q1w-b7gv","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25801","reference_id":"","reference_type":"","scores":[{"value":"0.02324","scoring_system":"epss","scoring_elements":"0.8507","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364866?format=json","purl":"pkg:deb/debian/vlc@3.0.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2021-25801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-epg8-9q1w-b7gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79454?format=json","vulnerability_id":"VCID-erfe-pg29-xfad","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25804","reference_id":"","reference_type":"","scores":[{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.77298","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364866?format=json","purl":"pkg:deb/debian/vlc@3.0.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2021-25804"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-erfe-pg29-xfad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82786?format=json","vulnerability_id":"VCID-ezme-bbsg-4khs","summary":"plugins\\audio_filter\\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9301","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62264","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9301"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364857?format=json","purl":"pkg:deb/debian/vlc@2.2.5.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-9301"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezme-bbsg-4khs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54683?format=json","vulnerability_id":"VCID-fewk-x4rv-bqbx","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19721","reference_id":"","reference_type":"","scores":[{"value":"0.01303","scoring_system":"epss","scoring_elements":"0.80067","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/AVG-1145","reference_id":"AVG-1145","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1145"},{"reference_url":"https://security.gentoo.org/glsa/202005-11","reference_id":"GLSA-202005-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-11"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364864?format=json","purl":"pkg:deb/debian/vlc@3.0.9.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.9.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-19721"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fewk-x4rv-bqbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81189?format=json","vulnerability_id":"VCID-fq5r-txzc-gfdp","summary":"Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2588","reference_id":"","reference_type":"","scores":[{"value":"0.03007","scoring_system":"epss","scoring_elements":"0.86813","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633675","reference_id":"633675","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633675"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364835?format=json","purl":"pkg:deb/debian/vlc@1.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-2588"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fq5r-txzc-gfdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75424?format=json","vulnerability_id":"VCID-fret-qvh1-13gg","summary":"xine-lib: various flaws (CVE-2008-5234 CVE-2008-5235 CVE-2008-5236 CVE-2008-5237 CVE-2008-5239 CVE-2008-5240 CVE-2008-5241 CVE-2008-5242 CVE-2008-5243 CVE-2008-5244 CVE-2008-5247)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5235.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5235","reference_id":"","reference_type":"","scores":[{"value":"0.03478","scoring_system":"epss","scoring_elements":"0.87764","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5235"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=473234","reference_id":"473234","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=473234"},{"reference_url":"https://security.gentoo.org/glsa/201006-04","reference_id":"GLSA-201006-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5235"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fret-qvh1-13gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70445?format=json","vulnerability_id":"VCID-fyek-gh73-fybn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1868","reference_id":"","reference_type":"","scores":[{"value":"0.50657","scoring_system":"epss","scoring_elements":"0.97897","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/23201.txt","reference_id":"OSVDB-88299;CVE-2013-1868","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/23201.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364840?format=json","purl":"pkg:deb/debian/vlc@2.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-1868"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fyek-gh73-fybn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79058?format=json","vulnerability_id":"VCID-g8zk-8fpn-yqb6","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5459","reference_id":"","reference_type":"","scores":[{"value":"0.01185","scoring_system":"epss","scoring_elements":"0.79095","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364861?format=json","purl":"pkg:deb/debian/vlc@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-5459"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8zk-8fpn-yqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80922?format=json","vulnerability_id":"VCID-ge6q-4wte-nqg9","summary":"VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1442","reference_id":"","reference_type":"","scores":[{"value":"0.0182","scoring_system":"epss","scoring_elements":"0.8318","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1442","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1442"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364826?format=json","purl":"pkg:deb/debian/vlc@1.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-1442"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ge6q-4wte-nqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80607?format=json","vulnerability_id":"VCID-gpn8-y9dh-q3dx","summary":"Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0296","reference_id":"","reference_type":"","scores":[{"value":"0.11636","scoring_system":"epss","scoring_elements":"0.93773","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0296"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544","reference_id":"461544","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364812?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-0296"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gpn8-y9dh-q3dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59437?format=json","vulnerability_id":"VCID-gyg9-wc51-7ybb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6079","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70347","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6079"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gyg9-wc51-7ybb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80625?format=json","vulnerability_id":"VCID-h6u5-n817-h3d6","summary":"Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1489","reference_id":"","reference_type":"","scores":[{"value":"0.33213","scoring_system":"epss","scoring_elements":"0.96989","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1489"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472635","reference_id":"472635","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472635"},{"reference_url":"https://security.gentoo.org/glsa/200804-25","reference_id":"GLSA-200804-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364814?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-1489"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6u5-n817-h3d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79061?format=json","vulnerability_id":"VCID-h9x2-nkvh-cfan","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14498","reference_id":"","reference_type":"","scores":[{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69266","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14498"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h9x2-nkvh-cfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87949?format=json","vulnerability_id":"VCID-haah-f18w-23fk","summary":"xine-lib contains an exploitable buffer overflow in the VCD handling code","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1475","reference_id":"","reference_type":"","scores":[{"value":"0.05483","scoring_system":"epss","scoring_elements":"0.90346","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1475"},{"reference_url":"https://security.gentoo.org/glsa/200408-18","reference_id":"GLSA-200408-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200408-18"},{"reference_url":"https://security.gentoo.org/glsa/200409-30","reference_id":"GLSA-200409-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200409-30"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/386.c","reference_id":"OSVDB-10041;CVE-2004-1475","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/386.c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2004-1475"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-haah-f18w-23fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91426?format=json","vulnerability_id":"VCID-harf-7fgm-e3bg","summary":"A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46814","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28608","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46814"},{"reference_url":"https://www.videolan.org/security/sb-vlc3019.html","reference_id":"sb-vlc3019.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T15:15:48Z/"}],"url":"https://www.videolan.org/security/sb-vlc3019.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2023-46814"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-harf-7fgm-e3bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81087?format=json","vulnerability_id":"VCID-htn6-yzy9-5bhh","summary":"Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0021","reference_id":"","reference_type":"","scores":[{"value":"0.10195","scoring_system":"epss","scoring_elements":"0.9325","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0021"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364831?format=json","purl":"pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-0021"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-htn6-yzy9-5bhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67839?format=json","vulnerability_id":"VCID-hw7c-scr8-3ubr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14777","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14777"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hw7c-scr8-3ubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54670?format=json","vulnerability_id":"VCID-hx7y-pufr-yfcg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26664","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.5318","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979676","reference_id":"979676","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979676"},{"reference_url":"https://security.archlinux.org/ASA-202101-35","reference_id":"ASA-202101-35","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-35"},{"reference_url":"https://security.archlinux.org/AVG-1423","reference_id":"AVG-1423","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1423"},{"reference_url":"https://security.gentoo.org/glsa/202101-37","reference_id":"GLSA-202101-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-37"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364866?format=json","purl":"pkg:deb/debian/vlc@3.0.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-26664"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hx7y-pufr-yfcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80689?format=json","vulnerability_id":"VCID-hy5g-janm-k7db","summary":"Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4558","reference_id":"","reference_type":"","scores":[{"value":"0.19574","scoring_system":"epss","scoring_elements":"0.95514","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502314","reference_id":"502314","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502314"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/6756.txt","reference_id":"OSVDB-63986;CVE-2008-4558;OSVDB-49112","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/6756.txt"},{"reference_url":"http://www.coresecurity.com/content/vlc-xspf-memory-corruption","reference_id":"OSVDB-63986;CVE-2008-4558;OSVDB-49112","reference_type":"exploit","scores":[],"url":"http://www.coresecurity.com/content/vlc-xspf-memory-corruption"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364820?format=json","purl":"pkg:deb/debian/vlc@0.9.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.9.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-4558"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hy5g-janm-k7db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81796?format=json","vulnerability_id":"VCID-j1ew-2wsn-ykfk","summary":"The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1684","reference_id":"","reference_type":"","scores":[{"value":"0.1275","scoring_system":"epss","scoring_elements":"0.94114","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1684"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743033","reference_id":"743033","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743033"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31429.py","reference_id":"CVE-2014-1684;OSVDB-103019","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31429.py"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364845?format=json","purl":"pkg:deb/debian/vlc@2.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-1684"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1ew-2wsn-ykfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71626?format=json","vulnerability_id":"VCID-j1m9-4xjz-nfcs","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6933","reference_id":"","reference_type":"","scores":[{"value":"0.03355","scoring_system":"epss","scoring_elements":"0.87536","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364845?format=json","purl":"pkg:deb/debian/vlc@2.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-6933"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1m9-4xjz-nfcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78962?format=json","vulnerability_id":"VCID-j4s2-bcsf-mkhj","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17670","reference_id":"","reference_type":"","scores":[{"value":"0.01254","scoring_system":"epss","scoring_elements":"0.7967","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17670"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364853?format=json","purl":"pkg:deb/debian/vlc@3.0.0~rc2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.0~rc2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-17670"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j4s2-bcsf-mkhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80664?format=json","vulnerability_id":"VCID-jk2v-69pf-7yea","summary":"Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3732","reference_id":"","reference_type":"","scores":[{"value":"0.32143","scoring_system":"epss","scoring_elements":"0.9691","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732"},{"reference_url":"https://security.gentoo.org/glsa/200809-06","reference_id":"GLSA-200809-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-06"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6252.txt","reference_id":"OSVDB-47541;CVE-2008-3732","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6252.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364818?format=json","purl":"pkg:deb/debian/vlc@0.8.6.h-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-3732"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jk2v-69pf-7yea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81701?format=json","vulnerability_id":"VCID-jkex-a5gg-qbf4","summary":"plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception.  NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating \"This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine.\" A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3245","reference_id":"","reference_type":"","scores":[{"value":"0.01865","scoring_system":"epss","scoring_elements":"0.83388","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3245"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245"},{"reference_url":"http://secunia.com/blog/372/","reference_id":"372","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://secunia.com/blog/372/"},{"reference_url":"http://secunia.com/advisories/52956","reference_id":"52956","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://secunia.com/advisories/52956"},{"reference_url":"http://www.securityfocus.com/bid/61032","reference_id":"61032","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://www.securityfocus.com/bid/61032"},{"reference_url":"http://seclists.org/fulldisclosure/2013/Jul/71","reference_id":"71","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://seclists.org/fulldisclosure/2013/Jul/71"},{"reference_url":"http://seclists.org/fulldisclosure/2013/Jul/77","reference_id":"77","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://seclists.org/fulldisclosure/2013/Jul/77"},{"reference_url":"http://seclists.org/fulldisclosure/2013/Jul/79","reference_id":"79","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://seclists.org/fulldisclosure/2013/Jul/79"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"},{"reference_url":"http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia","reference_id":"More-lies-from-Secunia","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T20:20:26Z/"}],"url":"http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364842?format=json","purl":"pkg:deb/debian/vlc@2.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-3245"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jkex-a5gg-qbf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74237?format=json","vulnerability_id":"VCID-k3tp-vnj7-q3f3","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8311","reference_id":"","reference_type":"","scores":[{"value":"0.07052","scoring_system":"epss","scoring_elements":"0.91627","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313"},{"reference_url":"https://security.archlinux.org/ASA-201706-1","reference_id":"ASA-201706-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-1"},{"reference_url":"https://security.archlinux.org/AVG-283","reference_id":"AVG-283","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-283"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44514.py","reference_id":"CVE-2017-8311","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/44514.py"},{"reference_url":"https://security.gentoo.org/glsa/201707-10","reference_id":"GLSA-201707-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364855?format=json","purl":"pkg:deb/debian/vlc@2.2.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-8311"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3tp-vnj7-q3f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65165?format=json","vulnerability_id":"VCID-k937-r667-5fg5","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14778","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14778"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k937-r667-5fg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62356?format=json","vulnerability_id":"VCID-kh3n-9s3z-sqhj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6071","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64749","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6071"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kh3n-9s3z-sqhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80944?format=json","vulnerability_id":"VCID-kmyx-swec-bbg9","summary":"Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2062","reference_id":"","reference_type":"","scores":[{"value":"0.02991","scoring_system":"epss","scoring_elements":"0.8678","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2062","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2062"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581245","reference_id":"581245","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581245"},{"reference_url":"https://security.gentoo.org/glsa/201310-13","reference_id":"GLSA-201310-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-13"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364827?format=json","purl":"pkg:deb/debian/vlc@1.0.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-2062"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmyx-swec-bbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74238?format=json","vulnerability_id":"VCID-ky41-ymby-m7ey","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8310","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39771","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8313"},{"reference_url":"https://security.archlinux.org/ASA-201706-1","reference_id":"ASA-201706-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-1"},{"reference_url":"https://security.archlinux.org/AVG-283","reference_id":"AVG-283","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-283"},{"reference_url":"https://security.gentoo.org/glsa/201707-10","reference_id":"GLSA-201707-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201707-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364854?format=json","purl":"pkg:deb/debian/vlc@2.2.5.1-1~deb9u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.5.1-1~deb9u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-8310"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ky41-ymby-m7ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91424?format=json","vulnerability_id":"VCID-m6vp-3n9d-3yb8","summary":"VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0904","reference_id":"","reference_type":"","scores":[{"value":"0.08065","scoring_system":"epss","scoring_elements":"0.92257","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0904"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18309.pl","reference_id":"OSVDB-78618;CVE-2012-0904","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18309.pl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-0904"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6vp-3n9d-3yb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80648?format=json","vulnerability_id":"VCID-mfeq-7yau-27aw","summary":"Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2430","reference_id":"","reference_type":"","scores":[{"value":"0.07893","scoring_system":"epss","scoring_elements":"0.92143","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489004","reference_id":"489004","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489004"},{"reference_url":"https://security.gentoo.org/glsa/200807-13","reference_id":"GLSA-200807-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364817?format=json","purl":"pkg:deb/debian/vlc@0.8.6.h-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-2430"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfeq-7yau-27aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81703?format=json","vulnerability_id":"VCID-mh6m-sbyf-dkag","summary":"Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3565","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51819","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3565"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364842?format=json","purl":"pkg:deb/debian/vlc@2.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-3565"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mh6m-sbyf-dkag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80606?format=json","vulnerability_id":"VCID-mkyh-xdxg-dyg4","summary":"Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0295","reference_id":"","reference_type":"","scores":[{"value":"0.32938","scoring_system":"epss","scoring_elements":"0.96973","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544","reference_id":"461544","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364812?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-0295"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyh-xdxg-dyg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88518?format=json","vulnerability_id":"VCID-mmgn-gpwj-5ygx","summary":"Multiple vulnerabilities in xine-lib might result in the remote execution\n    of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5248","reference_id":"","reference_type":"","scores":[{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68711","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5248"},{"reference_url":"https://security.gentoo.org/glsa/201006-04","reference_id":"GLSA-201006-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-04"},{"reference_url":"https://usn.ubuntu.com/710-1/","reference_id":"USN-710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5248"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mmgn-gpwj-5ygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72491?format=json","vulnerability_id":"VCID-mp8n-w4cb-63h9","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6080","reference_id":"","reference_type":"","scores":[{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54507","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6080"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mp8n-w4cb-63h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72739?format=json","vulnerability_id":"VCID-n48x-hmbw-sbeu","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9300","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56873","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300"},{"reference_url":"https://security.archlinux.org/ASA-201712-4","reference_id":"ASA-201712-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-4"},{"reference_url":"https://security.archlinux.org/AVG-533","reference_id":"AVG-533","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-533"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364852?format=json","purl":"pkg:deb/debian/vlc@2.2.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-9300"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n48x-hmbw-sbeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72741?format=json","vulnerability_id":"VCID-n5a7-1ffj-u3fa","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10699","reference_id":"","reference_type":"","scores":[{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71809","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9300"},{"reference_url":"https://security.archlinux.org/ASA-201712-4","reference_id":"ASA-201712-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-4"},{"reference_url":"https://security.archlinux.org/AVG-533","reference_id":"AVG-533","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-533"},{"reference_url":"https://usn.ubuntu.com/USN-4805-1/","reference_id":"USN-USN-4805-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4805-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364852?format=json","purl":"pkg:deb/debian/vlc@2.2.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2017-10699"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5a7-1ffj-u3fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81118?format=json","vulnerability_id":"VCID-n6au-6hme-2bgr","summary":"Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1087","reference_id":"","reference_type":"","scores":[{"value":"0.11007","scoring_system":"epss","scoring_elements":"0.93546","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1087"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616156","reference_id":"616156","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616156"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364833?format=json","purl":"pkg:deb/debian/vlc@1.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-1087"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6au-6hme-2bgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81242?format=json","vulnerability_id":"VCID-ncpt-w2jn-xqer","summary":"Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3623","reference_id":"","reference_type":"","scores":[{"value":"0.03687","scoring_system":"epss","scoring_elements":"0.88131","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3623"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364828?format=json","purl":"pkg:deb/debian/vlc@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-3623"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncpt-w2jn-xqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80587?format=json","vulnerability_id":"VCID-nhfw-24cw-cqge","summary":"The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6683","reference_id":"","reference_type":"","scores":[{"value":"0.00895","scoring_system":"epss","scoring_elements":"0.75938","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6683"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318","reference_id":"458318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364810?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-6683"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nhfw-24cw-cqge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80640?format=json","vulnerability_id":"VCID-nmu8-cndc-nka7","summary":"Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2147","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23392","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2147"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480724","reference_id":"480724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480724"},{"reference_url":"https://security.gentoo.org/glsa/200807-13","reference_id":"GLSA-200807-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364816?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-2.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-2147"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmu8-cndc-nka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88163?format=json","vulnerability_id":"VCID-nszk-4m4b-dkdg","summary":"Multiple vulnerabilities have been found in VLC, the worst of which\n    could lead to user-assisted execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6934","reference_id":"","reference_type":"","scores":[{"value":"0.03978","scoring_system":"epss","scoring_elements":"0.88593","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6934"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-6934"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nszk-4m4b-dkdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88505?format=json","vulnerability_id":"VCID-nw3h-5kpy-buhq","summary":"Multiple vulnerabilities in xine-lib might result in the remote execution\n    of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5233","reference_id":"","reference_type":"","scores":[{"value":"0.01413","scoring_system":"epss","scoring_elements":"0.80848","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5233"},{"reference_url":"https://security.gentoo.org/glsa/201006-04","reference_id":"GLSA-201006-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-04"},{"reference_url":"https://usn.ubuntu.com/710-1/","reference_id":"USN-710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5233"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nw3h-5kpy-buhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80721?format=json","vulnerability_id":"VCID-p86b-zj2h-6fb9","summary":"Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c.  NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5032","reference_id":"","reference_type":"","scores":[{"value":"0.18203","scoring_system":"epss","scoring_elements":"0.95308","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5032"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504639","reference_id":"504639","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504639"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9686.py","reference_id":"CVE-2008-5032;OSVDB-49808","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9686.py"},{"reference_url":"https://security.gentoo.org/glsa/200812-24","reference_id":"GLSA-200812-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364823?format=json","purl":"pkg:deb/debian/vlc@0.8.6.h-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5032"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p86b-zj2h-6fb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81175?format=json","vulnerability_id":"VCID-p9qv-v6j4-pufq","summary":"Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2194","reference_id":"","reference_type":"","scores":[{"value":"0.12877","scoring_system":"epss","scoring_elements":"0.94163","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2194"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt","reference_id":"CVE-2011-2194;OSVDB-73450","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364833?format=json","purl":"pkg:deb/debian/vlc@1.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-2194"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9qv-v6j4-pufq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80354?format=json","vulnerability_id":"VCID-pf1e-b2s2-ebfr","summary":"VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0256","reference_id":"","reference_type":"","scores":[{"value":"0.21639","scoring_system":"epss","scoring_elements":"0.95823","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0256"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0256","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0256"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407290","reference_id":"407290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407290"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/3119.py","reference_id":"CVE-2007-0256","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/3119.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/29443.py","reference_id":"CVE-2007-0256;OSVDB-39022","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/29443.py"},{"reference_url":"https://www.securityfocus.com/bid/22003/info","reference_id":"CVE-2007-0256;OSVDB-39022","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/22003/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364808?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-0256"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pf1e-b2s2-ebfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74820?format=json","vulnerability_id":"VCID-pk5k-1v8q-37cp","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9628","reference_id":"","reference_type":"","scores":[{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.82218","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866","reference_id":"775866","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364848?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9628"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pk5k-1v8q-37cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81953?format=json","vulnerability_id":"VCID-pmsk-muwc-uffz","summary":"Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9743","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49116","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9743"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364846?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9743"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmsk-muwc-uffz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81026?format=json","vulnerability_id":"VCID-q36j-35sw-nkeh","summary":"Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3907","reference_id":"","reference_type":"","scores":[{"value":"0.02757","scoring_system":"epss","scoring_elements":"0.86255","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3907"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364830?format=json","purl":"pkg:deb/debian/vlc@1.1.3-1squeeze1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-3907"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q36j-35sw-nkeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56150?format=json","vulnerability_id":"VCID-q7v4-bzmj-fufj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41325","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24946","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41325"},{"reference_url":"https://twitter.com/0xMitsurugi","reference_id":"0xMitsurugi","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/"}],"url":"https://twitter.com/0xMitsurugi"},{"reference_url":"https://www.debian.org/security/2022/dsa-5297","reference_id":"dsa-5297","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/"}],"url":"https://www.debian.org/security/2022/dsa-5297"},{"reference_url":"https://security.gentoo.org/glsa/202409-17","reference_id":"GLSA-202409-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-17"},{"reference_url":"https://www.videolan.org/security/sb-vlc3018.html","reference_id":"sb-vlc3018.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/"}],"url":"https://www.videolan.org/security/sb-vlc3018.html"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"},{"reference_url":"https://www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf","reference_id":"vlc_vnc_int_overflow-CVE-2022-41325.pdf","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T19:35:16Z/"}],"url":"https://www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364869?format=json","purl":"pkg:deb/debian/vlc@3.0.18-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.18-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364868?format=json","purl":"pkg:deb/debian/vlc@3.0.18-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2022-41325"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q7v4-bzmj-fufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80921?format=json","vulnerability_id":"VCID-qmva-vqp9-wkfq","summary":"Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1441","reference_id":"","reference_type":"","scores":[{"value":"0.01795","scoring_system":"epss","scoring_elements":"0.8308","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1441"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364826?format=json","purl":"pkg:deb/debian/vlc@1.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-1441"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmva-vqp9-wkfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54876?format=json","vulnerability_id":"VCID-qqmh-7j5d-fyau","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6072","reference_id":"","reference_type":"","scores":[{"value":"0.0112","scoring_system":"epss","scoring_elements":"0.78545","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6072"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqmh-7j5d-fyau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80477?format=json","vulnerability_id":"VCID-r5k9-wp2y-dkdx","summary":"input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3468","reference_id":"","reference_type":"","scores":[{"value":"0.0103","scoring_system":"epss","scoring_elements":"0.77614","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3468"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726","reference_id":"429726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364809?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c.debian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c.debian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-3468"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5k9-wp2y-dkdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91425?format=json","vulnerability_id":"VCID-r6ha-cnd9-8qhv","summary":"codec\\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3441","reference_id":"","reference_type":"","scores":[{"value":"0.07967","scoring_system":"epss","scoring_elements":"0.92191","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3441"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39177.py","reference_id":"CVE-2014-3441;OSVDB-106843","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39177.py"},{"reference_url":"https://www.securityfocus.com/bid/67315/info","reference_id":"CVE-2014-3441;OSVDB-106843","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/67315/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-3441"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r6ha-cnd9-8qhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80341?format=json","vulnerability_id":"VCID-ra3c-5cmg-3kbc","summary":"Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0017","reference_id":"","reference_type":"","scores":[{"value":"0.51215","scoring_system":"epss","scoring_elements":"0.97924","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0017"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405425","reference_id":"405425","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405425"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/3069.pl","reference_id":"CVE-2007-0017","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/3069.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/local/3070.pl","reference_id":"CVE-2007-0017","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/local/3070.pl"},{"reference_url":"https://security.gentoo.org/glsa/200701-24","reference_id":"GLSA-200701-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200701-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364807?format=json","purl":"pkg:deb/debian/vlc@0.8.6-svn20061012.debian-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6-svn20061012.debian-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-0017"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ra3c-5cmg-3kbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60156?format=json","vulnerability_id":"VCID-rtqa-7qnr-6kap","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14438","reference_id":"","reference_type":"","scores":[{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66665","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14438"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtqa-7qnr-6kap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82213?format=json","vulnerability_id":"VCID-shrz-362s-4bcd","summary":"Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to \"seek across EOF.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3941","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54139","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364850?format=json","purl":"pkg:deb/debian/vlc@2.2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2016-3941"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shrz-362s-4bcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78713?format=json","vulnerability_id":"VCID-sjvw-g3qd-eyep","summary":"xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1274.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1274","reference_id":"","reference_type":"","scores":[{"value":"0.03701","scoring_system":"epss","scoring_elements":"0.8815","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495031","reference_id":"495031","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495031"},{"reference_url":"https://security.gentoo.org/glsa/201006-04","reference_id":"GLSA-201006-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-04"},{"reference_url":"https://usn.ubuntu.com/763-1/","reference_id":"USN-763-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/763-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2009-1274"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sjvw-g3qd-eyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87937?format=json","vulnerability_id":"VCID-skfs-uz7r-mfbj","summary":"xine-lib is vulnerable to multiple buffer overflows when processing FLAC\n    and ASF streams.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1664","reference_id":"","reference_type":"","scores":[{"value":"0.06458","scoring_system":"epss","scoring_elements":"0.91212","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1664"},{"reference_url":"https://security.gentoo.org/glsa/200604-16","reference_id":"GLSA-200604-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200604-16"},{"reference_url":"https://security.gentoo.org/glsa/200802-12","reference_id":"GLSA-200802-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200802-12"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/1641.pl","reference_id":"OSVDB-42658;CVE-2008-1110;OSVDB-25004;CVE-2006-1664;OSVDB-24581","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/1641.pl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2006-1664"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skfs-uz7r-mfbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89375?format=json","vulnerability_id":"VCID-snpw-1gbj-2udf","summary":"Multiple vulnerabilities have been found in VLC allowing remote\n    attackers to execute arbitrary code or cause Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9625","reference_id":"","reference_type":"","scores":[{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.82218","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9625"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9625"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snpw-1gbj-2udf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80923?format=json","vulnerability_id":"VCID-sp9r-p23e-zqhj","summary":"The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1443","reference_id":"","reference_type":"","scores":[{"value":"0.00535","scoring_system":"epss","scoring_elements":"0.6772","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1443"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364826?format=json","purl":"pkg:deb/debian/vlc@1.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-1443"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sp9r-p23e-zqhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79176?format=json","vulnerability_id":"VCID-svw6-aaq2-m3hf","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5949","reference_id":"","reference_type":"","scores":[{"value":"0.07445","scoring_system":"epss","scoring_elements":"0.91872","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5949"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796255","reference_id":"796255","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796255"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364849?format=json","purl":"pkg:deb/debian/vlc@2.2.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2015-5949"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svw6-aaq2-m3hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80924?format=json","vulnerability_id":"VCID-t4v1-1k8v-uybx","summary":"The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1444","reference_id":"","reference_type":"","scores":[{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83543","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1444"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1444"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364826?format=json","purl":"pkg:deb/debian/vlc@1.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-1444"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4v1-1k8v-uybx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85515?format=json","vulnerability_id":"VCID-t9s4-nm75-bkc7","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47360","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26156","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360"},{"reference_url":"https://0xariana.github.io/blog/real_bugs/vlc/mms","reference_id":"mms","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:43:13Z/"}],"url":"https://0xariana.github.io/blog/real_bugs/vlc/mms"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html","reference_id":"msg00034.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:43:13Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html"},{"reference_url":"https://usn.ubuntu.com/6783-1/","reference_id":"USN-6783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6783-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364871?format=json","purl":"pkg:deb/debian/vlc@3.0.20-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364870?format=json","purl":"pkg:deb/debian/vlc@3.0.20-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364872?format=json","purl":"pkg:deb/debian/vlc@3.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2023-47360"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9s4-nm75-bkc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71137?format=json","vulnerability_id":"VCID-td8j-zjkp-hfdd","summary":"taglib: Division by zero while parsing properties of certain MP4 audio files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2396","reference_id":"","reference_type":"","scores":[{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.84103","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2396"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=818583","reference_id":"818583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=818583"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18757.txt","reference_id":"CVE-2012-2396;OSVDB-81224","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18757.txt"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2012-2396"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-td8j-zjkp-hfdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80475?format=json","vulnerability_id":"VCID-tt91-ztvn-kbf6","summary":"Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3316","reference_id":"","reference_type":"","scores":[{"value":"0.30256","scoring_system":"epss","scoring_elements":"0.96764","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3316"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726","reference_id":"429726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429726"},{"reference_url":"https://security.gentoo.org/glsa/200707-12","reference_id":"GLSA-200707-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200707-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364808?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-3316"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tt91-ztvn-kbf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80691?format=json","vulnerability_id":"VCID-u3h3-qmbh-13br","summary":"Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4654","reference_id":"","reference_type":"","scores":[{"value":"0.82125","scoring_system":"epss","scoring_elements":"0.9923","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4654"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726","reference_id":"502726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16629.rb","reference_id":"CVE-2008-4654;OSVDB-49181","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16629.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6798.pl","reference_id":"OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6798.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6825.pl","reference_id":"OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6825.pl"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364821?format=json","purl":"pkg:deb/debian/vlc@1.0.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-4654"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3h3-qmbh-13br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80736?format=json","vulnerability_id":"VCID-u79p-e66u-43at","summary":"Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5276","reference_id":"","reference_type":"","scores":[{"value":"0.05924","scoring_system":"epss","scoring_elements":"0.90755","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5276","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5276"},{"reference_url":"https://security.gentoo.org/glsa/200812-24","reference_id":"GLSA-200812-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364824?format=json","purl":"pkg:deb/debian/vlc@0.9.8a-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.9.8a-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5276"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u79p-e66u-43at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79062?format=json","vulnerability_id":"VCID-ucjs-875y-afhs","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14970","reference_id":"","reference_type":"","scores":[{"value":"0.00623","scoring_system":"epss","scoring_elements":"0.70462","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14970"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ucjs-875y-afhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81104?format=json","vulnerability_id":"VCID-ufqp-rwut-g3dc","summary":"The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening \"<\" without a closing \">\" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0522","reference_id":"","reference_type":"","scores":[{"value":"0.66189","scoring_system":"epss","scoring_elements":"0.98542","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0522"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt","reference_id":"CVE-2011-0522;OSVDB-72906;OSVDB-72905","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/16108.txt"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364831?format=json","purl":"pkg:deb/debian/vlc@1.1.3-1squeeze2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.1.3-1squeeze2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2011-0522"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ufqp-rwut-g3dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80665?format=json","vulnerability_id":"VCID-ug67-e5a7-bugv","summary":"Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3794","reference_id":"","reference_type":"","scores":[{"value":"0.09199","scoring_system":"epss","scoring_elements":"0.9283","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496265","reference_id":"496265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496265"},{"reference_url":"https://security.gentoo.org/glsa/200809-06","reference_id":"GLSA-200809-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-06"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6293.txt","reference_id":"OSVDB-47836;CVE-2008-3794","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/6293.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364819?format=json","purl":"pkg:deb/debian/vlc@0.8.6.h-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-3794"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ug67-e5a7-bugv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79059?format=json","vulnerability_id":"VCID-umcc-yy7j-2qc3","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5460","reference_id":"","reference_type":"","scores":[{"value":"0.00914","scoring_system":"epss","scoring_elements":"0.76219","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364861?format=json","purl":"pkg:deb/debian/vlc@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-5460"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-umcc-yy7j-2qc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82869?format=json","vulnerability_id":"VCID-un24-zjr5-t7d7","summary":"The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11516","reference_id":"","reference_type":"","scores":[{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69805","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11516"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364858?format=json","purl":"pkg:deb/debian/vlc@3.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2018-11516"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un24-zjr5-t7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55699?format=json","vulnerability_id":"VCID-veky-7hh5-byhq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6073","reference_id":"","reference_type":"","scores":[{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.68248","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6073"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-veky-7hh5-byhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80722?format=json","vulnerability_id":"VCID-vmmu-2y2z-yygw","summary":"Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c.  NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5036","reference_id":"","reference_type":"","scores":[{"value":"0.68724","scoring_system":"epss","scoring_elements":"0.98642","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5036"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/7051.pl","reference_id":"CVE-2008-5036","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/7051.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18548.rb","reference_id":"CVE-2008-5036;OSVDB-49809","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18548.rb"},{"reference_url":"http://www.trapkit.de/advisories/TKADV2008-011.txt","reference_id":"CVE-2008-5036;OSVDB-49809","reference_type":"exploit","scores":[],"url":"http://www.trapkit.de/advisories/TKADV2008-011.txt"},{"reference_url":"https://security.gentoo.org/glsa/200812-24","reference_id":"GLSA-200812-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364821?format=json","purl":"pkg:deb/debian/vlc@1.0.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@1.0.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-5036"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vmmu-2y2z-yygw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72596?format=json","vulnerability_id":"VCID-w7xq-byfg-affv","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12874","reference_id":"","reference_type":"","scores":[{"value":"0.00897","scoring_system":"epss","scoring_elements":"0.75957","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5460"},{"reference_url":"https://security.archlinux.org/ASA-201906-22","reference_id":"ASA-201906-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201906-22"},{"reference_url":"https://security.archlinux.org/AVG-998","reference_id":"AVG-998","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-998"},{"reference_url":"https://security.gentoo.org/glsa/201908-23","reference_id":"GLSA-201908-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201908-23"},{"reference_url":"https://usn.ubuntu.com/4074-1/","reference_id":"USN-4074-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4074-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364861?format=json","purl":"pkg:deb/debian/vlc@3.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-12874"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7xq-byfg-affv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79032?format=json","vulnerability_id":"VCID-w9z6-r2x4-bbeh","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19857","reference_id":"","reference_type":"","scores":[{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81334","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19857"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915760","reference_id":"915760","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915760"},{"reference_url":"https://usn.ubuntu.com/4074-1/","reference_id":"USN-4074-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4074-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364860?format=json","purl":"pkg:deb/debian/vlc@3.0.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2018-19857"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9z6-r2x4-bbeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80904?format=json","vulnerability_id":"VCID-wfhz-6d7j-7ff5","summary":"Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0364","reference_id":"","reference_type":"","scores":[{"value":"0.20632","scoring_system":"epss","scoring_elements":"0.95682","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0364"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318","reference_id":"458318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11174.c","reference_id":"OSVDB-61895;CVE-2010-0364","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11174.c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364810?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-0364"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wfhz-6d7j-7ff5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91422?format=json","vulnerability_id":"VCID-wukc-mwey-5uar","summary":"A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a \"bad initialized pointer,\" aka a \"recursive plugin release vulnerability.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6262","reference_id":"","reference_type":"","scores":[{"value":"0.22802","scoring_system":"epss","scoring_elements":"0.95975","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6262"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4688.html","reference_id":"OSVDB-42192;CVE-2007-6262","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/4688.html"},{"reference_url":"http://www.coresecurity.com/?action=item&id=2035","reference_id":"OSVDB-42192;CVE-2007-6262","reference_type":"exploit","scores":[],"url":"http://www.coresecurity.com/?action=item&id=2035"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-6262"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wukc-mwey-5uar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91423?format=json","vulnerability_id":"VCID-x2rm-v3qg-nbcb","summary":"Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2484","reference_id":"","reference_type":"","scores":[{"value":"0.71229","scoring_system":"epss","scoring_elements":"0.98736","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2484"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/16678.rb","reference_id":"CVE-2009-2484;OSVDB-55509","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/16678.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9029.rb","reference_id":"OSVDB-55509;CVE-2009-2484","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9029.rb"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2009-2484"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2rm-v3qg-nbcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54559?format=json","vulnerability_id":"VCID-x5ac-mxn1-3kbb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6078","reference_id":"","reference_type":"","scores":[{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.68248","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6077"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6078"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6080"},{"reference_url":"https://security.archlinux.org/ASA-202004-24","reference_id":"ASA-202004-24","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-24"},{"reference_url":"https://security.archlinux.org/AVG-1136","reference_id":"AVG-1136","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1136"},{"reference_url":"https://security.gentoo.org/glsa/202005-10","reference_id":"GLSA-202005-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-10"},{"reference_url":"https://usn.ubuntu.com/7239-1/","reference_id":"USN-7239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7239-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364867?format=json","purl":"pkg:deb/debian/vlc@3.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2020-6078"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ac-mxn1-3kbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70446?format=json","vulnerability_id":"VCID-xcx2-72xy-wyd1","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1954","reference_id":"","reference_type":"","scores":[{"value":"0.02271","scoring_system":"epss","scoring_elements":"0.84914","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705136","reference_id":"705136","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705136"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364841?format=json","purl":"pkg:deb/debian/vlc@2.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2013-1954"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xcx2-72xy-wyd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79453?format=json","vulnerability_id":"VCID-xfy2-641n-uybr","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25803","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51795","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25804"},{"reference_url":"https://usn.ubuntu.com/6180-1/","reference_id":"USN-6180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364866?format=json","purl":"pkg:deb/debian/vlc@3.0.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2021-25803"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfy2-641n-uybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91421?format=json","vulnerability_id":"VCID-xqjz-9pjm-uqcq","summary":"Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1455","reference_id":"","reference_type":"","scores":[{"value":"0.04348","scoring_system":"epss","scoring_elements":"0.89103","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1455"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2004-1455"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xqjz-9pjm-uqcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88161?format=json","vulnerability_id":"VCID-y2ey-5xbq-2kdx","summary":"Multiple vulnerabilities have been found in VLC, the worst of which\n    could lead to user-assisted execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3124","reference_id":"","reference_type":"","scores":[{"value":"0.08392","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3124"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/14750.txt","reference_id":"CVE-2010-3124;OSVDB-67492","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/14750.txt"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364802?format=json","purl":"pkg:deb/debian/vlc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2010-3124"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y2ey-5xbq-2kdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80633?format=json","vulnerability_id":"VCID-ygt3-byr3-7qd7","summary":"Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file.  NOTE: this issue is due to an incomplete fix for CVE-2007-6681.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1881","reference_id":"","reference_type":"","scores":[{"value":"0.53989","scoring_system":"epss","scoring_elements":"0.98049","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1881"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477805","reference_id":"477805","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477805"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5250.cpp","reference_id":"CVE-2008-1881","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5250.cpp"},{"reference_url":"https://security.gentoo.org/glsa/200804-25","reference_id":"GLSA-200804-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-25"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5667.py","reference_id":"OSVDB-44461;CVE-2008-1881","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5667.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364815?format=json","purl":"pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-1881"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygt3-byr3-7qd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80586?format=json","vulnerability_id":"VCID-yqh1-uu6s-wbgw","summary":"Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6682","reference_id":"","reference_type":"","scores":[{"value":"0.34376","scoring_system":"epss","scoring_elements":"0.97071","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318","reference_id":"458318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/5519.c","reference_id":"CVE-2007-6682","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/5519.c"},{"reference_url":"https://security.gentoo.org/glsa/200803-13","reference_id":"GLSA-200803-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364810?format=json","purl":"pkg:deb/debian/vlc@0.8.6.c-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.c-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2007-6682"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqh1-uu6s-wbgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80692?format=json","vulnerability_id":"VCID-ytbx-nzy9-xkgv","summary":"Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4686","reference_id":"","reference_type":"","scores":[{"value":"0.08258","scoring_system":"epss","scoring_elements":"0.92353","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4686"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503118","reference_id":"503118","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503118"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364822?format=json","purl":"pkg:deb/debian/vlc@0.8.6.h-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.h-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2008-4686"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytbx-nzy9-xkgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61112?format=json","vulnerability_id":"VCID-z4gn-4kbj-rkcp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14437","reference_id":"","reference_type":"","scores":[{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68941","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14437"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4gn-4kbj-rkcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70480?format=json","vulnerability_id":"VCID-z73e-tw25-ufed","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14534","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57232","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14534"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z73e-tw25-ufed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74039?format=json","vulnerability_id":"VCID-zbgs-w496-53a3","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11529","reference_id":"","reference_type":"","scores":[{"value":"0.73818","scoring_system":"epss","scoring_elements":"0.98846","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11529"},{"reference_url":"https://security.archlinux.org/AVG-755","reference_id":"AVG-755","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-755"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/45626.rb","reference_id":"CVE-2018-11529","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/45626.rb"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/fb689da24c9de2ccda6707c6cfe0d053a4844dfd/modules/exploits/windows/fileformat/vlc_mkv.rb","reference_id":"CVE-2018-11529","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/fb689da24c9de2ccda6707c6cfe0d053a4844dfd/modules/exploits/windows/fileformat/vlc_mkv.rb"},{"reference_url":"https://usn.ubuntu.com/USN-4805-1/","reference_id":"USN-USN-4805-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4805-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364859?format=json","purl":"pkg:deb/debian/vlc@3.0.3-1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.3-1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2018-11529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbgs-w496-53a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74818?format=json","vulnerability_id":"VCID-zjhj-7ry5-3bcj","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9627","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56858","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866","reference_id":"775866","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775866"},{"reference_url":"https://security.gentoo.org/glsa/201603-08","reference_id":"GLSA-201603-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364848?format=json","purl":"pkg:deb/debian/vlc@2.2.0~rc2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.2.0~rc2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2014-9627"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjhj-7ry5-3bcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64516?format=json","vulnerability_id":"VCID-zvzp-xfag-67dz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14535","reference_id":"","reference_type":"","scores":[{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57674","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14970"},{"reference_url":"https://security.gentoo.org/glsa/201909-02","reference_id":"GLSA-201909-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-02"},{"reference_url":"https://usn.ubuntu.com/4131-1/","reference_id":"USN-4131-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4131-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364863?format=json","purl":"pkg:deb/debian/vlc@3.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14535"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zvzp-xfag-67dz"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"}