Search for vulnerabilities
Vulnerability details: VCID-ugj8-kgfn-dbhw
Vulnerability ID VCID-ugj8-kgfn-dbhw
Aliases CVE-2023-47359
Summary Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
Status Published
Exploitability 0.5
Weighted Severity 8.8
Risk 4.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00126 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2023-47359
Reference id Reference type URL
https://0xariana.github.io/blog/real_bugs/vlc/mms
https://api.first.org/data/v1/epss?cve=CVE-2023-47359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360
https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
CVE-2023-47359 https://nvd.nist.gov/vuln/detail/CVE-2023-47359
USN-6783-1 https://usn.ubuntu.com/6783-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-47359
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.32703
EPSS Score 0.00126
Published At Sept. 23, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:35:19.364448+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/6783-1/ 37.0.0