VYPR

Vendor CVEs

MPlayer

All CVEs

58 total · sorted by risk
  • CVE-2011-10008HigJul 31, 2025
    risk 0.64cvss epss 0.01

    A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds checking when handling M3U playlist files containing long http:// URL entries. An attacker can craft a malicious .m3u file with a specially formatted URL that triggers a stack…

  • CVE-2016-5115MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.01

    The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.

  • CVE-2016-4352MedFeb 3, 2017
    risk 0.36cvss 5.5epss 0.01

    Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file.

  • CVE-2011-3625Jun 11, 2014
    risk 0.05cvss epss 0.24

    Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SAMI subtitle file.

  • CVE-2004-0386May 4, 2004
    risk 0.05cvss epss 0.27

    Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

  • CVE-2008-4610Oct 20, 2008
    risk 0.04cvss epss 0.09

    MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.

  • CVE-2008-1558Mar 31, 2008
    risk 0.04cvss epss 0.17

    Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow.

  • CVE-2008-0485Feb 5, 2008
    risk 0.04cvss epss 0.09

    Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.

  • CVE-2007-4938Sep 18, 2007
    risk 0.04cvss epss 0.16

    Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a…

  • CVE-2004-0659Aug 6, 2004
    risk 0.04cvss epss 0.16

    Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name.

  • CVE-2003-0835Nov 17, 2003
    risk 0.03cvss epss 0.05

    Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.

  • CVE-2008-5616Dec 17, 2008
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.

  • CVE-2008-3827Sep 29, 2008
    risk 0.01cvss epss 0.11

    Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or…

  • CVE-2026-12706Jun 19, 2026
    risk 0.00cvss epss 0.00

    A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decode_move() function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker…

  • CVE-2020-19824Feb 17, 2023
    risk 0.00cvss epss 0.00

    An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter.

  • CVE-2022-38600Sep 15, 2022
    risk 0.00cvss epss 0.00

    Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c.

  • CVE-2022-38853Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38856Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38862Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38858Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38860Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38851Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38863Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

  • CVE-2022-38861Sep 15, 2022
    risk 0.00cvss epss 0.00

    The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.

  • CVE-2022-38866Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38864Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

  • CVE-2022-38865Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38855Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38850Sep 15, 2022
    risk 0.00cvss epss 0.00

    The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c.

  • CVE-2022-32317Jul 14, 2022
    risk 0.00cvss epss 0.01

    The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call.…

  • CVE-2010-2062Dec 26, 2014
    risk 0.00cvss epss 0.04

    Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an…

  • CVE-2011-2162May 20, 2011
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors,…

  • CVE-2011-2161May 20, 2011
    risk 0.00cvss epss 0.01

    The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header…

  • CVE-2011-2160May 20, 2011
    risk 0.00cvss epss 0.02

    The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.

  • CVE-2011-0723May 20, 2011
    risk 0.00cvss epss 0.04

    FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.

  • CVE-2011-0722May 20, 2011
    risk 0.00cvss epss 0.04

    FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.

  • CVE-2010-3908May 20, 2011
    risk 0.00cvss epss 0.03

    FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.

  • CVE-2010-3429Sep 30, 2010
    risk 0.00cvss epss 0.04

    flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

  • CVE-2008-4869Nov 1, 2008
    risk 0.00cvss epss 0.02

    FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak."

  • CVE-2007-6718Oct 20, 2008
    risk 0.00cvss epss 0.01

    MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as…

  • CVE-2008-0630Feb 6, 2008
    risk 0.00cvss epss 0.04

    Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.

  • CVE-2008-0629Feb 6, 2008
    risk 0.00cvss epss 0.03

    Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.

  • CVE-2008-0486Feb 5, 2008
    risk 0.00cvss epss 0.05

    Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.

  • CVE-2007-2948Jun 7, 2007
    risk 0.00cvss epss 0.06

    Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category.

  • CVE-2007-1387Mar 13, 2007
    risk 0.00cvss epss 0.04

    The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different…

  • CVE-2007-1246Mar 3, 2007
    risk 0.00cvss epss 0.06

    The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a…

  • CVE-2006-6172Nov 30, 2006
    risk 0.00cvss epss 0.05

    Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute…

  • CVE-2006-1502Mar 30, 2006
    risk 0.00cvss epss 0.03

    Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the…

  • CVE-2006-0579Feb 8, 2006
    risk 0.00cvss epss 0.04

    Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the…

  • CVE-2005-2718Aug 29, 2005
    risk 0.00cvss epss 0.03

    Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk.

Page 1 of 2