CVE Tools

videolan

Consumer SoftwareFRoss-project

96

Cumulative CVEs

33

Monthly snapshots

#16

Peak rank

Top products

vlc media player4

Latest CVEs

The 15 most recently published vulnerabilities affecting videolan.

CVE-2026-26227VLC for Android < 3.7.0 Remote Access OTP Authentication Bypass3.7Feb 26, 2026
CVE-2026-26228VLC for Android < 3.7.0 Remote Access Path Traversal4.9Feb 26, 2026
CVE-2025-51602mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server.4.8Jan 16, 2026
CVE-2024-1580Integer overflow in VideoLAN dav1d5.9Feb 19, 2024
CVE-2023-46814A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writa...7.8Nov 22, 2023
CVE-2023-47360Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.7.5Nov 7, 2023
CVE-2023-47359Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.9.8Nov 7, 2023
CVE-2023-32570VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.5.9May 10, 2023
CVE-2022-41325An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to cras...7.8Dec 6, 2022
CVE-2021-25804A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.7.5Jul 26, 2021
CVE-2021-25803A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.7.1Jul 26, 2021
CVE-2021-25802A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.7.1Jul 26, 2021
CVE-2021-25801A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.7.1Jul 26, 2021
CVE-2020-26664A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.7.8Jan 8, 2021
CVE-2020-13428A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial o...7.8Jun 8, 2020