Known Vulnerabilities for products from Realnetworks
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Realnetworks".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-32291 json | In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a... | 8.8 - HIGH | 2022-06-05 | 2022-06-14 |
| CVE-2022-32271 json | In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. This is an internal URL Proto... | 9.6 - CRITICAL | 2022-06-03 | 2022-06-13 |
| CVE-2022-32270 json | In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal,... | 9.8 - CRITICAL | 2022-06-03 | 2022-06-12 |
| CVE-2022-32269 json | In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by... | 9.8 - CRITICAL | 2022-06-03 | 2023-08-08 |
| CVE-2018-13121 json | RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and appl... | 5.5 - MEDIUM | 2018-07-03 | 2018-09-04 |
| CVE-2017-9302 json | RealPlayer 16.0.2.32 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a ... | Not Provided | 2017-05-29 | 2025-04-20 |
| CVE-2016-9018 json | Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash ... | Not Provided | 2016-10-28 | 2026-05-06 |
| CVE-2014-3444 json | The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute a... | Not Provided | 2014-05-20 | 2026-05-06 |
| CVE-2014-3113 json | Multiple buffer overflows in RealNetworks RealPlayer before 17.0.10.8 allow remote attackers to execute arbitrary code via a ... | Not Provided | 2014-07-07 | 2026-05-06 |
| CVE-2013-7260 json | Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.... | Not Provided | 2014-01-03 | 2026-04-29 |
| CVE-2013-6877 json | Heap-based buffer overflow in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, all... | Not Provided | 2013-12-19 | 2026-04-29 |
| CVE-2013-4974 json | RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary c... | Not Provided | 2013-08-27 | 2026-04-29 |
| CVE-2013-4973 json | Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote a... | Not Provided | 2013-08-27 | 2026-04-29 |
| CVE-2013-3299 json | RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or a... | Not Provided | 2013-07-06 | 2026-04-29 |
| CVE-2013-2604 json | RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create... | Not Provided | 2015-01-12 | 2026-05-06 |
| CVE-2013-2603 json | The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcade Installer 2.6.0.481 per... | Not Provided | 2015-01-12 | 2026-05-06 |
| CVE-2013-1750 json | Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote atta... | Not Provided | 2013-03-20 | 2026-04-29 |
| CVE-2012-5691 json | Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to e... | Not Provided | 2012-12-19 | 2026-04-29 |
| CVE-2012-5690 json | RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary cod... | Not Provided | 2012-12-19 | 2026-04-29 |
| CVE-2012-4987 json | Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary ... | Not Provided | 2012-11-04 | 2026-04-29 |
Known software with vulnerabilities from Realnetworks
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Realnetworks | Helix Player | - |
| Application | Realnetworks | Realarcade Installer | 3.0.7 |
| Application | Realnetworks | Realone Player | - |
| Application | Realnetworks | Realplayer | - |
| Application | Realnetworks | Realplayer Sp | - |
| Application | Realnetworks | Realupgrade | 1.1.0 |
| Application | Realnetworks | Rhapsody | 1.0 |