CWE-787

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.

In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c.

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadataexif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka ‘Media Foundation Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2020-1379, CVE-2020-1477, CVE-2020-1478, CVE-2020-1492, CVE-2020-1554.