Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libming Subscribe
Total 85 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44590 1 Libming 1 Libming 2022-07-12 4.3 MEDIUM 6.5 MEDIUM
In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability.
CVE-2021-34342 2 Fedoraproject, Libming 2 Fedora, Ming 2022-03-11 4.3 MEDIUM 6.5 MEDIUM
Ming 0.4.8 has an out-of-bounds read vulnerability in the function newVar_N() in decompile.c which causes a huge information leak.
CVE-2021-34341 2 Fedoraproject, Libming 2 Fedora, Ming 2022-03-11 4.3 MEDIUM 6.5 MEDIUM
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
CVE-2021-34340 2 Fedoraproject, Libming 2 Fedora, Ming 2022-03-11 4.3 MEDIUM 6.5 MEDIUM
Ming 0.4.8 has an out-of-bounds buffer access issue in the function decompileINCR_DECR() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVE-2021-34339 2 Fedoraproject, Libming 2 Fedora, Ming 2022-03-11 4.3 MEDIUM 6.5 MEDIUM
Ming 0.4.8 has an out-of-bounds buffer access issue in the function getString() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVE-2021-34338 2 Fedoraproject, Libming 2 Fedora, Ming 2022-03-11 4.3 MEDIUM 6.5 MEDIUM
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVE-2021-44591 1 Libming 1 Libming 2022-01-13 4.3 MEDIUM 6.5 MEDIUM
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.
CVE-2019-3572 1 Libming 1 Libming 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line program. Because this is associated with an erroneous call to png_write_row in libpng, an out-of-bounds write might occur for some memory layouts.
CVE-2019-12981 1 Libming 1 Libming 2021-07-21 6.8 MEDIUM 8.8 HIGH
Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the function SWFShape_setLeftFillStyle in blocks/shape.c.
CVE-2019-12980 1 Libming 1 Libming 2020-10-14 4.3 MEDIUM 6.5 MEDIUM
In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
CVE-2019-12982 1 Libming 1 Libming 2020-10-14 4.3 MEDIUM 6.5 MEDIUM
Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file.
CVE-2018-7867 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.
CVE-2018-6358 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 6.8 MEDIUM 8.8 HIGH
The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file.
CVE-2019-7581 2 Canonical, Libming 2 Ubuntu Linux, Libming 2020-08-24 6.8 MEDIUM 8.8 HIGH
The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876.
CVE-2019-7582 2 Canonical, Libming 2 Ubuntu Linux, Libming 2020-08-24 6.8 MEDIUM 8.8 HIGH
The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.
CVE-2018-7873 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack.
CVE-2018-7877 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack.
CVE-2020-11894 1 Libming 1 Libming 2020-04-23 6.4 MEDIUM 9.1 CRITICAL
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
CVE-2020-11895 1 Libming 1 Libming 2020-04-23 6.4 MEDIUM 9.1 CRITICAL
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
CVE-2020-6629 1 Libming 1 Libming 2020-01-21 4.3 MEDIUM 6.5 MEDIUM
Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c.