VulnerableCode Package Details - pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4ygc-xk6x-5qb5	Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.	CVE-2023-47360
VCID-naqh-vqhq-b3hw	VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.	CVE-2024-46461
VCID-skzz-xkdf-xbhw	An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.	CVE-2022-41325
VCID-ugj8-kgfn-dbhw	Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.	CVE-2023-47359
VCID-wek2-y3ku-pbbs	security update	DSA-5165-1 vlc

Vulnerability

Summary

Aliases

VCID-4ygc-xk6x-5qb5

Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.

CVE-2023-47360

VCID-naqh-vqhq-b3hw

VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.

CVE-2024-46461

VCID-skzz-xkdf-xbhw

An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.

CVE-2022-41325

VCID-ugj8-kgfn-dbhw

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

CVE-2023-47359

VCID-wek2-y3ku-pbbs

security update

DSA-5165-1 vlc

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T19:55:50.001196+00:00	Debian Oval Importer	Fixing	VCID-wek2-y3ku-pbbs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T18:09:31.801792+00:00	Debian Oval Importer	Fixing	VCID-naqh-vqhq-b3hw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:42:14.044141+00:00	Debian Oval Importer	Fixing	VCID-skzz-xkdf-xbhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T13:01:53.513467+00:00	Debian Oval Importer	Fixing	VCID-ugj8-kgfn-dbhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:06:11.372556+00:00	Debian Oval Importer	Fixing	VCID-4ygc-xk6x-5qb5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0