Skip to main content

Kmplayer

7 CVEs product

Monthly

CVE-2024-41200 MEDIUM This Month

A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Kmplayer
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-1745 HIGH POC This Week

A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73.dll. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kmplayer
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-17259 HIGH POC This Week

KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Kmplayer
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-9133 MEDIUM This Month

When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Kmplayer Fedora
NVD
CVSS 3.1
5.5
EPSS
1.7%
CVE-2018-5200 HIGH This Week

KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Kmplayer
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2017-16952 MEDIUM POC This Month

KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Kmplayer
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
1.3%
CVE-2012-3841 CRITICAL POC Act Now

Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Kmplayer
NVD
CVSS 2.0
9.3
EPSS
0.9%
EPSS 0% CVSS 5.5
MEDIUM This Month

A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Kmplayer
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73.dll. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kmplayer
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH POC This Week

KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Kmplayer
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM This Month

When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Kmplayer +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Kmplayer
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Kmplayer
NVD Exploit-DB
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Kmplayer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy