Shodan
Vulnerabilities
Vulnerable Software
Libming:  Security Vulnerabilities
CVE-2021-34341
Ming 0.4.8 has an out-of-bounds read vulnerability in the function decompileIF() in the decompile.c file that causes a direct segmentation fault and leads to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-10
CVE-2021-34338
Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName() in decompiler.c file that causes a direct segmentation fault and leads to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-03-10
CVE-2021-44590
In libming 0.4.8, a memory exhaustion vulnerability exist in the function cws2fws in util/main.c. Remote attackers could launch denial of service attacks by submitting a crafted SWF file that exploits this vulnerability.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-01-06
CVE-2021-44591
In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser.c lacks a boundary check that would lead to denial-of-service attacks via a crafted SWF file.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-01-06
CVE-2020-11894
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
CVSS Score
9.1
EPSS Score
0.005
Published
2020-04-19
CVE-2020-11895
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
CVSS Score
9.1
EPSS Score
0.005
Published
2020-04-19
CVE-2020-6628
Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-01-09
CVE-2020-6629
Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-01-09
CVE-2019-16705
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.
CVSS Score
9.1
EPSS Score
0.004
Published
2019-09-23
CVE-2019-12980
In Ming (aka libming) 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the SWFInput_readSBits function in blocks/input.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-06-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved