Vulnerabilities > Libming > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-20 | CVE-2018-8807 | Use After Free vulnerability in Libming 0.4.8 In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. | 4.3 |
| 2018-03-20 | CVE-2018-8806 | Use After Free vulnerability in Libming 0.4.8 In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. | 4.3 |
| 2018-03-08 | CVE-2018-7877 | Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. | 4.3 |
| 2018-03-08 | CVE-2018-7876 | Resource Exhaustion vulnerability in multiple products In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file. | 6.5 |
| 2018-03-08 | CVE-2018-7875 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the getString function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. | 4.3 |
| 2018-03-08 | CVE-2018-7874 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An invalid memory address dereference was discovered in strlenext in util/decompile.c in libming 0.4.8. | 4.3 |
| 2018-03-08 | CVE-2018-7873 | Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. | 6.5 |
| 2018-03-08 | CVE-2018-7872 | NULL Pointer Dereference vulnerability in multiple products An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. | 4.3 |
| 2018-03-08 | CVE-2018-7871 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. | 6.8 |
| 2018-03-08 | CVE-2018-7870 | NULL Pointer Dereference vulnerability in multiple products An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. | 4.3 |