Vulnerabilities > Libming > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-20 CVE-2018-8807 Use After Free vulnerability in Libming 0.4.8
In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c.
network
low complexity
libming CWE-416
6.5
6.5
2018-03-20 CVE-2018-8806 Use After Free vulnerability in Libming 0.4.8
In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c.
network
low complexity
libming CWE-416
6.5
6.5
2018-03-08 CVE-2018-7877 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data.
network
low complexity
libming debian CWE-787
6.5
6.5
2018-03-08 CVE-2018-7876 Resource Exhaustion vulnerability in multiple products
In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.
network
low complexity
libming debian CWE-400
6.5
6.5
2018-03-08 CVE-2018-7875 Out-of-bounds Read vulnerability in multiple products
There is a heap-based buffer over-read in the getString function of util/decompile.c in libming 0.4.8 for CONSTANT8 data.
network
low complexity
libming debian CWE-125
6.5
6.5
2018-03-08 CVE-2018-7874 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An invalid memory address dereference was discovered in strlenext in util/decompile.c in libming 0.4.8.
network
low complexity
libming debian CWE-119
6.5
6.5
2018-03-08 CVE-2018-7873 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data.
network
low complexity
libming debian CWE-787
6.5
6.5
2018-03-08 CVE-2018-7872 NULL Pointer Dereference vulnerability in multiple products
An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data.
network
low complexity
libming debian CWE-476
6.5
6.5
2018-03-08 CVE-2018-7870 NULL Pointer Dereference vulnerability in multiple products
An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data.
network
low complexity
libming debian CWE-476
6.5
6.5
2018-03-08 CVE-2018-7868 Out-of-bounds Read vulnerability in multiple products
There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data.
network
low complexity
libming debian CWE-125
6.5
6.5