Filtered by vendor Realnetworks
Subscriptions
Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0455 | 2 Realnetworks, Redhat | 4 Realone Player, Realplayer, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. | ||||
| CVE-2005-0755 | 2 Realnetworks, Redhat | 5 Helix Player, Realone Player, Realplayer and 2 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. | ||||
| CVE-2005-4126 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | ||||
| CVE-2005-2054 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | N/A |
| Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file. | ||||
| CVE-2005-0611 | 2 Realnetworks, Redhat | 5 Helix Player, Realone Player, Realplayer and 2 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | ||||
| CVE-2002-0207 | 1 Realnetworks | 2 Realone Player, Realplayer Intranet | 2025-04-03 | N/A |
| Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header. | ||||
| CVE-2006-3276 | 1 Realnetworks | 1 Helix Dna Server | 2025-04-03 | N/A |
| Heap-based buffer overflow in RealNetworks Helix DNA Server 10.0 and 11.0 allows remote attackers to execute arbitrary code via (1) a long User-Agent HTTP header in the RTSP service and (2) unspecified vectors involving the "parsing of HTTP URL schemes". | ||||
| CVE-2000-0474 | 1 Realnetworks | 1 Realserver | 2025-04-03 | N/A |
| Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory. | ||||
| CVE-2005-0348 | 1 Realnetworks | 1 Realarcade | 2025-04-03 | N/A |
| Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag. | ||||
| CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2025-04-03 | N/A |
| Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | ||||
| CVE-2005-0347 | 1 Realnetworks | 1 Realarcade | 2025-04-03 | N/A |
| Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow. | ||||
| CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2025-04-03 | N/A |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | ||||
| CVE-2005-0191 | 2 Realnetworks, Redhat | 3 Realone Player, Realplayer, Rhel Extras | 2025-04-03 | N/A |
| Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. | ||||
| CVE-1999-0896 | 1 Realnetworks | 1 Realserver G2 | 2025-04-03 | N/A |
| Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. | ||||
| CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2025-04-03 | N/A |
| Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | ||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2025-04-03 | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | ||||
| CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2025-04-03 | N/A |
| pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | ||||
| CVE-2005-0190 | 1 Realnetworks | 2 Realone Player, Realplayer | 2025-04-03 | N/A |
| Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. | ||||
| CVE-2004-1798 | 1 Realnetworks | 3 Realone Enterprise Desktop, Realone Player, Realplayer | 2025-04-03 | N/A |
| RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" zone via a Synchronized Multimedia Integration Language (SMIL) presentation with a "file:javascript:" URL, which is executed in the security context of the previously loaded URL, a different vulnerability than CVE-2003-0726. | ||||
| CVE-2004-1416 | 2 Microsoft, Realnetworks | 2 Internet Explorer, Realone Player | 2025-04-03 | N/A |
| pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | ||||