Libming@0.4.8 Security Vulnerabilities and Issues — Libming@0.4.8 CVE List

Lucene search

LibmingLibming0.4.8

81 matches found

CVE•added 2024/02/26 6:15 p.m.•3787 views

CVE-2024-25770

libming 0.4.8 contains a memory leak vulnerability in /libming/src/actioncompiler/listaction.c.

4.3CVSS6.7AI score0.00107EPSS

CVE•added 2024/02/29 1:44 a.m.•198 views

CVE-2024-24149

A memory leak issue discovered in parseSWF_GLYPHENTRY in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file.

6.5CVSS6.1AI score0.00174EPSS

CVE•added 2019/09/23 5:15 a.m.•154 views

CVE-2019-16705

Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.

9.1CVSS9.1AI score0.00425EPSS

CVE•added 2024/02/29 1:44 a.m.•104 views

CVE-2024-24150

A memory leak issue discovered in parseSWF_TEXTRECORD in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file.

6.5CVSS6.1AI score0.00175EPSS

CVE•added 2024/02/29 1:44 a.m.•101 views

CVE-2024-24146

A memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.

6.5CVSS6.1AI score0.00174EPSS

CVE•added 2024/02/29 1:44 a.m.•94 views

CVE-2024-24147

A memory leak issue discovered in parseSWF_FILLSTYLEARRAY in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF file.

6.5CVSS6.1AI score0.00174EPSS

CVE•added 2024/02/28 8:15 p.m.•94 views

CVE-2024-24148

A memory leak issue discovered in parseSWF_FREECHARACTER in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file.

7.5CVSS6.5AI score0.00344EPSS

CVE•added 2020/01/09 2:15 a.m.•83 views

CVE-2020-6628

Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c.

8.8CVSS8.7AI score0.00565EPSS

CVE•added 2020/01/09 2:15 a.m.•75 views

CVE-2020-6629

Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c.

6.5CVSS6.4AI score0.00272EPSS

CVE•added 2018/03/08 6:29 p.m.•67 views

CVE-2018-7872

An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

6.5CVSS7AI score0.00664EPSS

CVE•added 2025/02/20 5:15 p.m.•64 views

CVE-2025-26306

A memory leak has been identified in the readSizedString function in util/read.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted file.

6.5CVSS6.3AI score0.00137EPSS

CVE•added 2020/04/19 7:15 p.m.•63 views

CVE-2020-11894

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.

9.1CVSS9.2AI score0.00456EPSS

CVE•added 2025/02/20 5:15 p.m.•63 views

CVE-2025-26308

A memory leak has been identified in the parseSWF_FILTERLIST function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file.

6.5CVSS6.3AI score0.00137EPSS

CVE•added 2025/02/20 5:15 p.m.•63 views

CVE-2025-26311

Multiple memory leaks have been identified in the clip actions parsing functions (parseSWF_CLIPACTIONS and parseSWF_CLIPACTIONRECORD) in util/parser.c of libming v0.4.8, which allow attackers to cause a denial of service via a crafted SWF file.

6.5CVSS6.4AI score0.00176EPSS

CVE•added 2025/02/20 5:15 p.m.•62 views

CVE-2025-26305

A memory leak has been identified in the parseSWF_SOUNDINFO function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file.

8.2CVSS7.7AI score0.0013EPSS

CVE•added 2025/02/20 5:15 p.m.•61 views

CVE-2025-26304

A memory leak has been identified in the parseSWF_EXPORTASSETS function in util/parser.c of libming v0.4.8.

8.2CVSS8.2AI score0.00069EPSS

CVE•added 2018/03/08 6:29 p.m.•60 views

CVE-2018-7870

An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

6.5CVSS7AI score0.00664EPSS

CVE•added 2019/06/26 6:15 p.m.•59 views

CVE-2019-12980

In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.

6.5CVSS6.3AI score0.00456EPSS

CVE•added 2018/03/08 6:29 p.m.•58 views

CVE-2018-7875

There is a heap-based buffer over-read in the getString function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack.

6.5CVSS7.1AI score0.00571EPSS

CVE•added 2025/02/20 5:15 p.m.•57 views

CVE-2025-26307

A memory leak has been identified in the parseSWF_IMPORTASSETS2 function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file.

6.5CVSS6.2AI score0.00137EPSS

CVE•added 2019/06/26 6:15 p.m.•56 views

CVE-2019-12981

Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the function SWFShape_setLeftFillStyle in blocks/shape.c.

8.8CVSS8.6AI score0.00518EPSS

CVE•added 2025/02/20 5:15 p.m.•56 views

CVE-2025-26309

A memory leak has been identified in the parseSWF_DEFINESCENEANDFRAMEDATA function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file.

6.5CVSS6.2AI score0.00137EPSS

CVE•added 2020/04/19 7:15 p.m.•54 views

CVE-2020-11895

Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.

9.1CVSS9.2AI score0.00456EPSS

CVE•added 2025/02/20 5:15 p.m.•54 views

CVE-2025-26310

Multiple memory leaks have been identified in the ABC file parsing functions (parseABC_CONSTANT_POOL and `parseABC_FILE) in util/parser.c of libming v0.4.8, which allow attackers to cause a denial of service via a crafted ABC file.

6.5CVSS6.4AI score0.00176EPSS

CVE•added 2025/03/27 3:16 p.m.•54 views

CVE-2025-29492

libming v0.4.8 was discovered to contain a segmentation fault via the decompileSETVARIABLE function.

6.5CVSS7.4AI score0.00043EPSS

CVE•added 2025/03/27 3:16 p.m.•53 views

CVE-2025-29494

libming v0.4.8 was discovered to contain a segmentation fault via the decompileGETMEMBER function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SWF file.

6.5CVSS7.2AI score0.00075EPSS

CVE•added 2025/03/27 3:15 p.m.•52 views

CVE-2025-29486

libming v0.4.8 was discovered to contain a memory leak via the parseSWF_PLACEOBJECT3 function.

6.5CVSS7.4AI score0.00045EPSS

CVE•added 2025/03/27 3:16 p.m.•52 views

CVE-2025-29489

libming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHLINESTYLES function.

6.5CVSS7.4AI score0.00043EPSS

CVE•added 2025/03/27 3:16 p.m.•52 views

CVE-2025-29496

libming v0.4.8 was discovered to contain a segmentation fault via the decompileDUPLICATECLIP function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SWF file.

6.5CVSS7.2AI score0.00075EPSS

CVE•added 2018/01/05 8:29 p.m.•51 views

CVE-2018-5251

In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file.

6.5CVSS6.7AI score0.00561EPSS

CVE•added 2025/03/27 3:16 p.m.•51 views

CVE-2025-29493

libming v0.4.8 was discovered to contain a segmentation fault via the decompileGETPROPERTY function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SWF file.

6.5CVSS7.2AI score0.00075EPSS

CVE•added 2017/06/28 6:29 a.m.•50 views

CVE-2017-9988

The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.

6.5CVSS6.9AI score0.00625EPSS

CVE•added 2018/01/08 7:29 a.m.•50 views

CVE-2018-5294

In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.

6.5CVSS7AI score0.00623EPSS

CVE•added 2018/03/30 8:29 a.m.•50 views

CVE-2018-9132

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.

6.5CVSS6.7AI score0.00649EPSS

CVE•added 2025/03/27 3:15 p.m.•50 views

CVE-2025-29483

libming v0.4.8 was discovered to contain a memory leak via the parseSWF_ENABLEDEBUGGER2 function.

6.5CVSS7.4AI score0.00054EPSS

CVE•added 2019/06/26 6:15 p.m.•49 views

CVE-2019-12982

Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file.

6.5CVSS6.5AI score0.00589EPSS

CVE•added 2025/03/27 3:16 p.m.•49 views

CVE-2025-29491

An allocation-size-too-big error in the parseSWF_DEFINEBINARYDATA function of libming v0.48 allows attackers to cause a Denial of Service (DoS) via supplying a crafted SWF file.

6.5CVSS6.7AI score0.00075EPSS

CVE•added 2025/03/27 3:16 p.m.•48 views

CVE-2025-29490

libming v0.4.8 was discovered to contain a segmentation fault via the decompileCALLMETHOD function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SWF file.

6.5CVSS7.2AI score0.00075EPSS

CVE•added 2017/05/31 4:29 a.m.•47 views

CVE-2017-8782

The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error.

6.5CVSS7AI score0.00419EPSS

CVE•added 2017/06/28 6:29 a.m.•47 views

CVE-2017-9989

util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack.

6.5CVSS6.9AI score0.00625EPSS

CVE•added 2018/03/08 6:29 p.m.•47 views

CVE-2018-7868

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack.

6.5CVSS7.1AI score0.00571EPSS

CVE•added 2018/03/08 6:29 p.m.•47 views

CVE-2018-7876

In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.

6.5CVSS6.7AI score0.01379EPSS

CVE•added 2018/03/08 6:29 p.m.•46 views

CVE-2018-7866

A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

6.5CVSS6.9AI score0.01407EPSS

CVE•added 2018/03/08 6:29 p.m.•46 views

CVE-2018-7871

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact.

8.8CVSS8.7AI score0.00558EPSS

CVE•added 2018/03/25 3:29 a.m.•46 views

CVE-2018-9009

In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file.

8.8CVSS8.4AI score0.00658EPSS

CVE•added 2023/04/26 7:15 p.m.•46 views

CVE-2022-44232

libming 0.4.8 0.4.8 is vulnerable to Buffer Overflow. In getInt() in decompile.c unknown type may lead to denial of service. This is a different vulnerability than CVE-2018-9132 and CVE-2018-20427.

7.5CVSS7AI score0.00649EPSS

CVE•added 2025/03/27 3:16 p.m.•46 views

CVE-2025-29497

libming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHFILLSTYLES function.

6.5CVSS7.4AI score0.00043EPSS

CVE•added 2018/03/08 6:29 p.m.•45 views

CVE-2018-7877

There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack.

6.5CVSS6.6AI score0.00544EPSS

CVE•added 2025/03/27 3:16 p.m.•45 views

CVE-2025-29488

libming v0.4.8 was discovered to contain a memory leak via the parseSWF_INITACTION function.

6.5CVSS7.4AI score0.00043EPSS

CVE•added 2018/07/02 5:29 p.m.•44 views

CVE-2018-13066

There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMEL...

7.5CVSS7.3AI score0.00381EPSS

Total number of security vulnerabilities81