Vendor CVEs
Libming
All CVEs
123 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-34341 | 0.00 | — | 0.01 | Mar 7, 2022 | Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service. | |||
| CVE-2021-34342 | 0.00 | — | 0.01 | Mar 7, 2022 | Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak. | |||
| CVE-2021-44591 | 0.00 | — | 0.01 | Jan 6, 2022 | In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file. | |||
| CVE-2021-44590 | 0.00 | — | 0.01 | Jan 6, 2022 | In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability. | |||
| CVE-2020-11894 | 0.00 | — | 0.02 | Apr 19, 2020 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c. | |||
| CVE-2020-11895 | 0.00 | — | 0.02 | Apr 19, 2020 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. | |||
| CVE-2020-6628 | 0.00 | — | 0.02 | Jan 9, 2020 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. | |||
| CVE-2020-6629 | 0.00 | — | 0.01 | Jan 9, 2020 | Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c. | |||
| CVE-2019-16705 | 0.00 | — | 0.02 | Sep 23, 2019 | Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a. | |||
| CVE-2019-12982 | 0.00 | — | 0.01 | Jun 26, 2019 | Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file. | |||
| CVE-2019-12981 | 0.00 | — | 0.01 | Jun 26, 2019 | Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the function SWFShape_setLeftFillStyle in blocks/shape.c. | |||
| CVE-2019-12980 | 0.00 | — | 0.01 | Jun 26, 2019 | In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file. | |||
| CVE-2019-9114 | 0.00 | — | 0.01 | Feb 25, 2019 | Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a. | |||
| CVE-2019-9113 | 0.00 | — | 0.01 | Feb 25, 2019 | Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a. | |||
| CVE-2019-7582 | 0.00 | — | 0.02 | Feb 7, 2019 | The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure. | |||
| CVE-2019-7581 | 0.00 | — | 0.02 | Feb 7, 2019 | The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876. | |||
| CVE-2019-3572 | 0.00 | — | 0.01 | Jan 2, 2019 | An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line program. Because this is associated with an erroneous call to png_write_row in libpng, an out-of-bounds write might… | |||
| CVE-2018-20591 | 0.00 | — | 0.01 | Dec 30, 2018 | A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx. | |||
| CVE-2018-20425 | 0.00 | — | 0.01 | Dec 24, 2018 | libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file. | |||
| CVE-2018-20426 | 0.00 | — | 0.01 | Dec 24, 2018 | libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866. | |||
| CVE-2018-20427 | 0.00 | — | 0.01 | Dec 24, 2018 | libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132. | |||
| CVE-2018-20428 | 0.00 | — | 0.01 | Dec 24, 2018 | libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874. | |||
| CVE-2018-20429 | 0.00 | — | 0.01 | Dec 24, 2018 | libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165. |
- CVE-2021-34341Mar 7, 2022risk 0.00cvss —epss 0.01
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
- CVE-2021-34342Mar 7, 2022risk 0.00cvss —epss 0.01
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
- CVE-2021-44591Jan 6, 2022risk 0.00cvss —epss 0.01
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.
- CVE-2021-44590Jan 6, 2022risk 0.00cvss —epss 0.01
In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability.
- CVE-2020-11894Apr 19, 2020risk 0.00cvss —epss 0.02
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
- CVE-2020-11895Apr 19, 2020risk 0.00cvss —epss 0.02
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
- CVE-2020-6628Jan 9, 2020risk 0.00cvss —epss 0.02
Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c.
- CVE-2020-6629Jan 9, 2020risk 0.00cvss —epss 0.01
Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c.
- CVE-2019-16705Sep 23, 2019risk 0.00cvss —epss 0.02
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.
- CVE-2019-12982Jun 26, 2019risk 0.00cvss —epss 0.01
Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file.
- CVE-2019-12981Jun 26, 2019risk 0.00cvss —epss 0.01
Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the function SWFShape_setLeftFillStyle in blocks/shape.c.
- CVE-2019-12980Jun 26, 2019risk 0.00cvss —epss 0.01
In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
- CVE-2019-9114Feb 25, 2019risk 0.00cvss —epss 0.01
Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a.
- CVE-2019-9113Feb 25, 2019risk 0.00cvss —epss 0.01
Ming (aka libming) 0.4.8 has a NULL pointer dereference in the function getString() in the decompile.c file in libutil.a.
- CVE-2019-7582Feb 7, 2019risk 0.00cvss —epss 0.02
The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.
- CVE-2019-7581Feb 7, 2019risk 0.00cvss —epss 0.02
The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876.
- CVE-2019-3572Jan 2, 2019risk 0.00cvss —epss 0.01
An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line program. Because this is associated with an erroneous call to png_write_row in libpng, an out-of-bounds write might…
- CVE-2018-20591Dec 30, 2018risk 0.00cvss —epss 0.01
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx.
- CVE-2018-20425Dec 24, 2018risk 0.00cvss —epss 0.01
libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file.
- CVE-2018-20426Dec 24, 2018risk 0.00cvss —epss 0.01
libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866.
- CVE-2018-20427Dec 24, 2018risk 0.00cvss —epss 0.01
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132.
- CVE-2018-20428Dec 24, 2018risk 0.00cvss —epss 0.01
libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874.
- CVE-2018-20429Dec 24, 2018risk 0.00cvss —epss 0.01
libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165.
Page 3 of 3