libming CVE Vulnerabilities & CVE List (124)

Products (CPE): — CVEs: 124

libming vulnerability overview

Aggregates CVE and security vulnerability intelligence across all libming-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact unexpected behavior, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 6180 of 124 CVEs
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2018-20429 libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165. [email protected] 8.8 1.50% 2018-12-24 2026-06-16
CVE-2018-20428 libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874. [email protected] 8.8 1.50% 2018-12-24 2026-06-16
CVE-2018-20427 libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132. [email protected] 8.8 1.32% 2018-12-24 2026-06-16
CVE-2018-20426 libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866. [email protected] 8.8 1.50% 2018-12-24 2026-06-16
CVE-2018-20425 libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file. [email protected] 8.8 1.50% 2018-12-24 2026-06-16
CVE-2018-15871 An invalid memory address dereference was discovered in decompileSingleArgBuiltInFunctionCall in libming 0.4.8 before 2018-03-12. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. [email protected] 6.5 1.16% 2018-08-25 2026-06-16
CVE-2018-15870 An invalid memory address dereference was discovered in decompileGETVARIABLE in libming 0.4.8 before 2018-03-12. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. [email protected] 6.5 1.16% 2018-08-25 2026-06-16
CVE-2018-13251 In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file. [email protected] 6.5 1.46% 2018-07-05 2026-06-16
CVE-2018-13250 libming 0.4.8 has a NULL pointer dereference in the getString function of the decompile.c file, related to decompileSTRINGCONCAT. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. [email protected] 6.5 1.46% 2018-07-05 2026-06-16
CVE-2018-13066 There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE. [email protected] 7.5 1.41% 2018-07-02 2026-06-16
CVE-2018-11226 The getString function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. [email protected] 8.8 1.74% 2018-05-17 2026-06-16
CVE-2018-11225 The dcputs function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. [email protected] 8.8 1.95% 2018-05-17 2026-06-16
CVE-2018-11100 The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. [email protected] 8.8 1.81% 2018-05-14 2026-06-16
CVE-2018-11095 The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. [email protected] 8.8 1.81% 2018-05-14 2026-06-16
CVE-2018-11017 The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. [email protected] 8.8 1.39% 2018-05-13 2026-06-16
CVE-2018-9165 The pushdup function in util/decompile.c in libming through 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at the top of the stack, making the library vulnerable to a util/decompile.c getName NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted SWF file. [email protected] 6.5 1.14% 2018-04-01 2026-06-16
CVE-2018-9132 libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. [email protected] 6.5 1.75% 2018-03-30 2026-06-16
CVE-2018-9009 In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. [email protected] 8.8 1.93% 2018-03-24 2026-06-16
CVE-2018-8964 In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. [email protected] 6.5 1.67% 2018-03-23 2026-06-16
CVE-2018-8963 In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. [email protected] 6.5 1.51% 2018-03-23 2026-06-16
cvelogic Threat Intelligence