{"id":"CVE-2019-18278","details":"When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this issue.","modified":"2026-03-14T09:32:23.509253Z","published":"2019-10-23T14:15:10.667Z","references":[{"type":"EVIDENCE","url":"https://code610.blogspot.com/2019/10/random-bytes-in-vlc-308.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/videolan/vlc-3.0","events":[{"introduced":"0"},{"last_affected":"f350b6b5a7ece8322095ec8b494f58322680eb1e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0.8"}]}}],"versions":["0.9.0","0.9.0-test0","0.9.0-test1","0.9.0-test2","0.9.0-test3","1.0.0-pre1","1.0.0-pre2","1.0.0-rc1","1.1.0-ff","1.1.0-pre1","1.2.0-pre1","1.3.0-git","2.1.0-git","2.2.0-git","3.0.0","3.0.0-1","3.0.0-2","3.0.0-git","3.0.0-rc1","3.0.0-rc2","3.0.0-rc3","3.0.0-rc4","3.0.0-rc5","3.0.0-rc6","3.0.0-rc7","3.0.0-rc8","3.0.0.1","3.0.1","3.0.2","3.0.3","3.0.3-1","3.0.4","3.0.5","3.0.5-1","3.0.5-2","3.0.6","3.0.7","3.0.7.1","3.0.7.1-1","3.0.8","svn-trunk"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-18278.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}