An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka ‘Microsoft Graphics Components Information Disclosure Vulnerability’.
CWE-125
CVE-2019-13615
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
CVE-2019-1347
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka ‘Windows Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.
CVE-2019-13470
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
CVE-2019-13503
mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read.
CVE-2019-13504
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.