EUVD-2023-33480
Malicious code in bioql PyPI...
CVE-2024-22914
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service...
CVE-2023-29950
swfrender v0.9.2 was discovered to contain a heap buffer overflow in the function enumerateUsedIDsfillstyle at modules/swftools.c...
CVE-2024-26334
swftools v0.9.2 was discovered to contain a segmentation violation via the function compileSWFActionCode at swftools/lib/action/actioncompiler.c...
Design/Logic Flaw
swftools v0.9.2 was discovered to contain a segmentation violation via the function s_font at swftools/src/swfc.c...
Design/Logic Flaw
swftools v0.9.2 was discovered to contain a segmentation violation via the function statefree at swftools/src/swfc-history.c...
Code injection
swftools v0.9.2 was discovered to contain a strcpy parameter overlap via /home/swftools/src/swfc+0x48318a...
CVE-2024-26333
swftools v0.9.2 was discovered to contain a segmentation violation via the function free_lines at swftools/lib/modules/swfshape.c...
CVE-2024-26337
swftools v0.9.2 was discovered to contain a segmentation violation via the function s_font at swftools/src/swfc.c...
CVE-2024-26335
swftools v0.9.2 was discovered to contain a segmentation violation via the function statefree at swftools/src/swfc-history.c...
CVE-2024-26333
CVE-2024-26333 affects swftools version 0.9.2. The issue is a segmentation violation in the function free_lines within swftools/lib/modules/swfshape.c, which can cause abnormal termination/crash. This is supported by multiple connected sources (e.g., PT-2024-21356 notes a memory-access issue in f...
CVE-2024-26337
CVE-2024-26337 affects swftools, specifically version 0.9.2, where a segmentation violation is caused by the s_font function in swftools/src/swfc.c. The issue has limited public exploit detail in the provided sources, with several feeds (e.g., CNVD, NVD, Red Hat, Ubuntu OSV, Nessus) identifying a...
CVE-2024-26339
CVE-2024-26339 affects SWFTools, version 0.9.2. The vulnerability is a strcpy parameter overlap in the function at /home/swftools/src/swfc+0x48318a, producing conditions associated with a denial of service in multiple sources. The CVSS v3.1 vector reports a CRITICAL base score (9.1) with network...
CVE-2024-25165
A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex...
CVE-2024-22911
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602...
Heap overflow
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution...
CVE-2024-22912
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution...
Heap overflow
A heap-use-after-free was found in SWFTools v0.9.2, in the function swfDeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution...
CVE-2024-22915
A heap-use-after-free was found in SWFTools v0.9.2, in the function swfDeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution...