libming CVE Vulnerabilities & CVE List (124)

Products (CPE): — CVEs: 124

libming vulnerability overview

Aggregates CVE and security vulnerability intelligence across all libming-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact unexpected behavior, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 101120 of 124 CVEs
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2018-5251 In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file. [email protected] 6.5 1.89% 2018-01-05 2026-06-16
CVE-2017-16898 The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264. [email protected] 5.5 0.82% 2017-11-20 2026-06-16
CVE-2017-16883 The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file. [email protected] 6.5 1.05% 2017-11-18 2026-06-16
CVE-2017-11734 A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 0.96% 2017-07-29 2026-06-16
CVE-2017-11733 A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 0.98% 2017-07-29 2026-06-16
CVE-2017-11732 A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 1.09% 2017-07-29 2026-06-16
CVE-2017-11731 An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 0.96% 2017-07-29 2026-06-16
CVE-2017-11730 A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 1.08% 2017-07-29 2026-06-16
CVE-2017-11729 A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 1.08% 2017-07-29 2026-06-16
CVE-2017-11728 A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 5.5 1.08% 2017-07-29 2026-06-16
CVE-2017-11705 A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 6.5 1.20% 2017-07-28 2026-06-16
CVE-2017-11704 A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 6.5 1.20% 2017-07-28 2026-06-16
CVE-2017-11703 A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. [email protected] 6.5 1.20% 2017-07-28 2026-06-16
CVE-2017-9989 util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack. [email protected] 6.5 2.04% 2017-06-28 2026-06-16
CVE-2017-9988 The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c. [email protected] 6.5 2.04% 2017-06-28 2026-06-16
CVE-2017-8782 The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error. [email protected] 6.5 1.46% 2017-05-31 2026-06-16
CVE-2017-7578 Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831. [email protected] 7.8 1.25% 2017-04-07 2026-06-16
CVE-2016-9266 listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift. [email protected] 6.5 2.06% 2017-03-23 2026-06-16
CVE-2016-9265 The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. [email protected] 5.5 1.56% 2017-03-23 2026-06-16
CVE-2016-9264 Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. [email protected] 5.5 1.71% 2017-03-23 2026-06-16
cvelogic Threat Intelligence