A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType fonts.
>> ARCHIVE: 2019-04
LibreOffice < 6.0.7 / 6.1.3 – Macro Code Execution (Metasploit)
Netwide Assembler (NASM) 2.14rc15 – NULL Pointer Dereference (PoC)
ManageEngine Applications Manager 11.0 < 14.0 – SQL Injection / Remote Code Execution (Metasploit)
Evernote 7.9 – Code Execution via Path Traversal
https://sueksa.go.th notified by KEC0A_T3RBANG
http://www2.fda.moph.go.th/fdaonline/board/wallpaper/swan.txt notified by Swan
Oracle Java Runtime Environment – Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID
DHCP Server 2.5.2 – Denial of Service (PoC)
ASUS HG100 – Denial of Service