AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp.
CWE-787
CVE-2019-1468
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka ‘Win32k Graphics Remote Code Execution Vulnerability’.
CVE-2019-14690
AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_convert_stream() in bmf.cpp.
CVE-2019-14691
AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp.
CVE-2019-14692
AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp.
CVE-2019-14697
musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application’s source code.