pandora CVE Vulnerabilities & Metrics

Focus on pandora vulnerabilities and metrics.

Last updated: 29 Jun 2025, 22:25 UTC

About pandora Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with pandora. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total pandora CVEs: 3
Earliest CVE date: 20 Dec 2018, 14:29 UTC
Latest CVE date: 05 Aug 2024, 17:15 UTC

Latest CVE reference: CVE-2024-41200

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical pandora CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 3.7

Max CVSS: 6.8

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	1
4.0-6.9	2
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS pandora CVEs

These are the five CVEs with the highest CVSS scores for pandora, sorted by severity first and recency.

CVE-2018-5200 pandora Published on 20 Dec 2018, 14:29 UTC (CVSS: 6.8)
KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted FLV format file. The problem is that more frame data is copied to heap memory than the size specified in the frame header. This results in a memory corruption and remote code execution.
CVE-2023-1745 pandora Published on 30 Mar 2023, 23:15 UTC (CVSS: 4.3)
A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73. This issue affects some unknown processing in the library SHFOLDER.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224633 was assigned to this vulnerability.
CVE-2024-41200 pandora Published on 05 Aug 2024, 17:15 UTC (CVSS: 0)
A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.

All CVEs for pandora

CVE-2024-41200 pandora vulnerability CVSS: 0 05 Aug 2024, 17:15 UTC

A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file.

CVE-2023-1745 pandora vulnerability CVSS: 4.3 30 Mar 2023, 23:15 UTC

A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73. This issue affects some unknown processing in the library SHFOLDER.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224633 was assigned to this vulnerability.

CVE-2018-5200 pandora vulnerability CVSS: 6.8 20 Dec 2018, 14:29 UTC

KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted FLV format file. The problem is that more frame data is copied to heap memory than the size specified in the frame header. This results in a memory corruption and remote code execution.