CWE-125

An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka ‘Windows Media Player Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-1481.

An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka ‘Windows Media Player Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-1480.

A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467.

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-1465, CVE-2019-1467.

An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c.