Lucene search
+L

148 matches found

osv
osv
added 2018/03/30 8:29 a.m.10 views

UBUNTU-CVE-2018-9132

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...

6.5CVSS7AI score0.01747EPSS
Exploits1References3
cnvd
cnvd
added 2018/03/26 12:0 a.m.8 views

Memory Misreference Vulnerability in libming 'decompileGETVARIABLE' Function

libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A memory misreference vulnerability exists in the 'decompileGETVARIABLE' function of the decompile.c file in libming version 0.4.8. A remote...

6.5CVSS6.9AI score0.01509EPSS
Exploits1References1
osv
osv
added 2018/03/23 9:29 p.m.19 views

UBUNTU-CVE-2018-8963

In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...

6.5CVSS6.6AI score0.01509EPSS
Exploits1References3
cnvd
cnvd
added 2018/01/29 12:0 a.m.29 views

Memory Misreference Vulnerability in libming 'decompileIF' Function

libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A memory misreference vulnerability exists in the 'decompileIF' function in the util/decompile.c file in libming 0.4.8 and earlier versions. A...

8.8CVSS6.7AI score0.0242EPSS
Exploits1References1
osv
osv
added 2018/01/27 9:29 p.m.4 views

UBUNTU-CVE-2018-6359

The decompileIF function util/decompile.c in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file...

8.8CVSS7.3AI score0.0242EPSS
Exploits1References3
zdt
zdt
added 2017/03/23 12:0 a.m.134 views

Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-04

Exploit for windows platform in category local exploits require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM...

9.3CVSS7.4AI score0.84701EPSS
Exploits7
osv
osv
added 2016/12/23 5:59 a.m.6 views

DEBIAN-CVE-2016-6671

The rawdecode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a crafted SWF file...

7.8CVSS7.8AI score0.01704EPSS
Exploits0References1
osv
osv
added 2016/12/23 5:59 a.m.7 views

ALPINE-CVE-2016-6881

The zlibrefill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file...

5.5CVSS6.7AI score0.00892EPSS
Exploits0References1
osv
osv
added 2016/12/23 5:59 a.m.5 views

UBUNTU-CVE-2016-6881

The zlibrefill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file...

5.5CVSS6.4AI score0.00892EPSS
Exploits0References3
cnvd
cnvd
added 2016/10/16 12:0 a.m.3 views

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2016-09443)

Adobe Flash Player is a cross-platform, browser-based multimedia player product. Adobe Flash Player suffers from a memory error referencing arbitrary code execution vulnerability that can be exploited by remote attackers to construct a malicious SWF file, which can be parsed by the user to crash...

9.3CVSS8.3AI score0.0543EPSS
Exploits0References1
fireeye
fireeye
added 2016/07/14 4:37 p.m.913 views

Exploit Kits Quickly Adopt Exploit Thanks to Open Source Release

A security researcher recently published source code for a working exploit for CVE-2016-0189 and the Neutrino Exploit Kit EK quickly adopted it. CVE-2016-0189 was originally exploited as a zero-day vulnerability in targeted attacks in Asia. The vulnerability resides within scripting engines in...

10CVSS0.9AI score0.94996EPSS
Exploits55
bdu_fstec
bdu_fstec
added 2016/07/06 12:0 a.m.6 views

The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in Adobe Pepper Flash for Google Chrome due to an incorrect limitation of the SWF file format. Exploiting this vulnerability allows malicious actors to carry out attacks on endpoints using JSONP requests through Cross-Site Request Forgery CSRF. These actors can gain acces...

6.8CVSS7.2AI score0.23024EPSS
Exploits4References5Affected Software1
bdu_fstec
bdu_fstec
added 2016/07/06 12:0 a.m.7 views

Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

The vulnerability exists in Adobe AIR due to an incorrect limitation on the SWF file format. Exploiting this vulnerability allows malicious actors to execute attacks on JSONP endpoints using Cross-Site Request Forgery CSRF. They can also gain access to confidential information by using specially...

6.8CVSS5.6AI score0.03507EPSS
Exploits0References3Affected Software1
cnvd
cnvd
added 2016/06/19 12:0 a.m.1 views

Unspecified heap overflow vulnerability in Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player (CNVD-2016-04140)

Adobe Flash Player is a multimedia player product; Adobe AIR SDK and Adobe AIR SDK & Compiler are both standard development kits for Adobe AIR.Microsoft Internet Explorer and Microsoft Edge are popular web browsers. An unspecified heap overflow vulnerability exists in Adobe Flash Player used in t...

10CVSS7.2AI score0.25419EPSS
Exploits2References1
cnvd
cnvd
added 2016/06/19 12:0 a.m.2 views

Unspecified Memory Misreference Vulnerability in Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player (CNVD-2016-04139)

Adobe Flash Player is a multimedia player product; Adobe AIR SDK and Adobe AIR SDK & Compiler are both standard development kits for Adobe AIR.Microsoft Internet Explorer and Microsoft Edge are popular web browsers. An unspecified memory misreference vulnerability exists in Adobe Flash Player use...

9.3CVSS6.9AI score0.0381EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/13 12:0 a.m.2 views

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08240)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

9.3CVSS7.3AI score0.05658EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/13 12:0 a.m.2 views

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08206)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

10CVSS7.3AI score0.05794EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/13 12:0 a.m.1 views

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08201)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

10CVSS7.3AI score0.05794EPSS
Exploits0References1
cnvd
cnvd
added 2015/12/13 12:0 a.m.3 views

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08236)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

10CVSS7.3AI score0.43408EPSS
Exploits1References1
cnvd
cnvd
added 2015/12/13 12:0 a.m.3 views

Adobe Flash Player Memory Misreference Vulnerability (CNVD-2015-08252)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

9.3CVSS7.3AI score0.06538EPSS
Exploits0References1
Rows per page
Query Builder