Aggregates CVE and security vulnerability intelligence across all libming-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact unexpected behavior, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-5251 | In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file. | [email protected] | 6.5 | 1.89% | 2018-01-05 | 2026-06-16 |
| CVE-2017-16898 | The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264. | [email protected] | 5.5 | 0.82% | 2017-11-20 | 2026-06-16 |
| CVE-2017-16883 | The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file. | [email protected] | 6.5 | 1.05% | 2017-11-18 | 2026-06-16 |
| CVE-2017-11734 | A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 0.96% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11733 | A null pointer dereference vulnerability was found in the function stackswap (called from decompileSTACKSWAP) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 0.98% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11732 | A heap-based buffer overflow vulnerability was found in the function dcputs (called from decompileIMPLEMENTS) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 1.09% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11731 | An invalid memory read vulnerability was found in the function OpCode (called from isLogicalOp and decompileIF) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 0.96% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11730 | A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1474) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 1.08% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11729 | A heap-based buffer over-read was found in the function OpCode (called from decompileINCR_DECR line 1440) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 1.08% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11728 | A heap-based buffer over-read was found in the function OpCode (called from decompileSETMEMBER) in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 5.5 | 1.08% | 2017-07-29 | 2026-06-16 |
| CVE-2017-11705 | A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 6.5 | 1.20% | 2017-07-28 | 2026-06-16 |
| CVE-2017-11704 | A heap-based buffer over-read was found in the function decompileIF in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 6.5 | 1.20% | 2017-07-28 | 2026-06-16 |
| CVE-2017-11703 | A memory leak vulnerability was found in the function parseSWF_DOACTION in util/parser.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file. | [email protected] | 6.5 | 1.20% | 2017-07-28 | 2026-06-16 |
| CVE-2017-9989 | util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack. | [email protected] | 6.5 | 2.04% | 2017-06-28 | 2026-06-16 |
| CVE-2017-9988 | The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c. | [email protected] | 6.5 | 2.04% | 2017-06-28 | 2026-06-16 |
| CVE-2017-8782 | The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error. | [email protected] | 6.5 | 1.46% | 2017-05-31 | 2026-06-16 |
| CVE-2017-7578 | Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service (listswf application crash) or possibly have unspecified other impact via a crafted SWF file. NOTE: this issue exists because of an incomplete fix for CVE-2016-9831. | [email protected] | 7.8 | 1.25% | 2017-04-07 | 2026-06-16 |
| CVE-2016-9266 | listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift. | [email protected] | 6.5 | 2.06% | 2017-03-23 | 2026-06-16 |
| CVE-2016-9265 | The printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. | [email protected] | 5.5 | 1.56% | 2017-03-23 | 2026-06-16 |
| CVE-2016-9264 | Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file. | [email protected] | 5.5 | 1.71% | 2017-03-23 | 2026-06-16 |