Swftools
by Swftools
Source repositories
CVEs (111)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-22914 | 0.00 | — | 0.00 | Jan 19, 2024 | A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service. | |||
| CVE-2024-22957 | 0.00 | — | 0.00 | Jan 19, 2024 | swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. | |||
| CVE-2024-22956 | 0.00 | — | 0.00 | Jan 19, 2024 | swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838 | |||
| CVE-2024-22913 | 0.00 | — | 0.00 | Jan 19, 2024 | A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution. | |||
| CVE-2024-22911 | 0.00 | — | 0.00 | Jan 19, 2024 | A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602. | |||
| CVE-2024-22912 | 0.00 | — | 0.00 | Jan 19, 2024 | A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution. | |||
| CVE-2023-37644 | 0.00 | — | 0.00 | Jan 11, 2024 | SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c. | |||
| CVE-2023-26991 | 0.00 | — | 0.00 | Apr 4, 2023 | SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c. | |||
| CVE-2022-35080 | 0.00 | — | 0.00 | Oct 13, 2022 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c. | |||
| CVE-2022-35081 | 0.00 | — | 0.00 | Oct 13, 2022 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c. | |||
| CVE-2022-35099 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc. | |||
| CVE-2022-35098 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc. | |||
| CVE-2022-35097 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc. | |||
| CVE-2022-35096 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c. | |||
| CVE-2022-35095 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc. | |||
| CVE-2022-35094 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. | |||
| CVE-2022-35093 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. | |||
| CVE-2022-35092 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c. | |||
| CVE-2022-35091 | 0.00 | — | 0.00 | Sep 23, 2022 | SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow() | |||
| CVE-2022-35085 | 0.00 | — | 0.00 | Sep 20, 2022 | SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c. |
- CVE-2024-22914Jan 19, 2024risk 0.00cvss —epss 0.00
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service.
- CVE-2024-22957Jan 19, 2024risk 0.00cvss —epss 0.00
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.
- CVE-2024-22956Jan 19, 2024risk 0.00cvss —epss 0.00
swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838
- CVE-2024-22913Jan 19, 2024risk 0.00cvss —epss 0.00
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.
- CVE-2024-22911Jan 19, 2024risk 0.00cvss —epss 0.00
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.
- CVE-2024-22912Jan 19, 2024risk 0.00cvss —epss 0.00
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.
- CVE-2023-37644Jan 11, 2024risk 0.00cvss —epss 0.00
SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c.
- CVE-2023-26991Apr 4, 2023risk 0.00cvss —epss 0.00
SWFTools v0.9.2 was discovered to contain a stack-use-after-scope in the swf_ReadSWF2 function in lib/rfxswf.c.
- CVE-2022-35080Oct 13, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_load at /lib/png.c.
- CVE-2022-35081Oct 13, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via png_read_header at /src/png2swf.c.
- CVE-2022-35099Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc.
- CVE-2022-35098Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc.
- CVE-2022-35097Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc.
- CVE-2022-35096Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
- CVE-2022-35095Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
- CVE-2022-35094Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
- CVE-2022-35093Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
- CVE-2022-35092Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.
- CVE-2022-35091Sep 23, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()
- CVE-2022-35085Sep 20, 2022risk 0.00cvss —epss 0.00
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c.
Page 3 of 6