VYPR
Vendor

michaelrsweet

Products
4
CVEs
17
Across products
17
Status
Private

Products

4

Recent CVEs

17
  • CVE-2019-13362HigJul 6, 2019
    risk 0.51cvss 7.8epss 0.01

    Codedoc v3.2 has a stack-based buffer overflow in add_variable in codedoc.c, related to codedoc_strlcpy.

  • CVE-2021-42860HigMay 26, 2022
    risk 0.49cvss 7.5epss 0.01

    A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification

  • CVE-2021-42859HigMay 26, 2022
    risk 0.49cvss 7.5epss 0.01

    A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2…

  • CVE-2023-38850MedAug 15, 2023
    risk 0.36cvss 5.5epss 0.00

    Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 comppnent.

  • CVE-2018-20592MedDec 30, 2018
    risk 0.36cvss 5.5epss 0.01

    In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.

  • CVE-2018-20005MedDec 10, 2018
    risk 0.36cvss 5.5epss 0.01

    An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.

  • CVE-2026-5037LowMar 29, 2026
    risk 0.14cvss 3.3epss 0.00

    A vulnerability was determined in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local…

  • CVE-2021-43579HigJan 10, 2022
    risk 0.04cvss 7.8epss 0.07

    A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.

  • CVE-2024-46478CriOct 24, 2024
    risk 0.00cvss 9.8epss 0.01

    HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681.

  • CVE-2021-34119HigJul 18, 2023
    risk 0.00cvss 7.8epss 0.00

    A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file.

  • CVE-2023-28428MedMar 20, 2023
    risk 0.00cvss 6.2epss 0.00

    PDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A…

  • CVE-2023-24808MedFeb 7, 2023
    risk 0.00cvss 5.3epss 0.01

    PDFio is a C library for reading and writing PDF files. In versions prior to 1.1.0 a denial of service (DOS) vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. The pdf which causes this crash found…

  • CVE-2022-0137HigNov 14, 2022
    risk 0.00cvss 7.5epss 0.01

    A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.

  • CVE-2022-34035HigJul 18, 2022
    risk 0.00cvss 7.5epss 0.01

    HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588.

  • CVE-2022-34033HigJul 18, 2022
    risk 0.00cvss 7.5epss 0.01

    HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.

  • CVE-2021-26259HigMar 3, 2022
    risk 0.00cvss 7.8epss 0.01

    A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in render_table_row(),in ps-pdf.cxx may lead to arbitrary code execution and denial of service.

  • CVE-2021-40985MedNov 3, 2021
    risk 0.00cvss 5.5epss 0.01

    A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.