CWE-416

CVE-2019-14778

February 26, 2023 by

The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. This allows an attacker to cause a denial of service (BSOD) when an executable is run inside the container.

CVE-2019-14533

February 26, 2023 by

The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.

CVE-2019-14586

February 26, 2023 by

Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.

CVE-2019-1429

February 26, 2023 by

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.

CVE-2019-14294

February 26, 2023 by

An issue was discovered in Xpdf 4.01.01. There is a use-after-free in the function JPXStream::fillReadBuf at JPXStream.cc, due to an out of bounds read.