Vendor Products CVEs KEV Avg EPSS Worst Severity 1 55 0 27.3% CRITICAL
CVE ID Description Severity CVSS KEV EPSS Published CVE-2025-6271 A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the component wav2swf. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. LOW 1.9 — 11.0% Jun 19, 2025 CVE-2024-28458 Null Pointer Dereference vulnerability in swfdump in swftools 0.9.2 allows attackers to crash the appliation via the function compileSWFActionCode in action/actioncompiler.c. HIGH 7.5 — 48.7% Apr 11, 2024 CVE-2024-26339 swftools v0.9.2 was discovered to contain a strcpy parameter overlap via /home/swftools/src/swfc+0x48318a. CRITICAL 9.1 — 53.2% Mar 5, 2024 CVE-2024-26337 swftools v0.9.2 was discovered to contain a segmentation violation via the function s_font at swftools/src/swfc.c. MEDIUM 4.3 — 44.2% Mar 5, 2024 CVE-2024-26335 swftools v0.9.2 was discovered to contain a segmentation violation via the function state_free at swftools/src/swfc-history.c. MEDIUM 5.5 — 29.7% Mar 5, 2024 CVE-2024-26334 swftools v0.9.2 was discovered to contain a segmentation violation via the function compileSWFActionCode at swftools/lib/action/actioncompiler.c. MEDIUM 6.2 — 19.2% Mar 5, 2024 CVE-2024-26333 swftools v0.9.2 was discovered to contain a segmentation violation via the function free_lines at swftools/lib/modules/swfshape.c. MEDIUM 5.5 — 19.2% Mar 5, 2024 CVE-2024-25165 A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex. HIGH 7.8 — 39.8% Feb 14, 2024 CVE-2024-22957 swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. MEDIUM 5.5 — 21.9% Jan 19, 2024 CVE-2024-22956 swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838 HIGH 7.8 — 26.6% Jan 19, 2024 CVE-2024-22955 swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576. HIGH 7.8 — 24.8% Jan 19, 2024 CVE-2024-22919 swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587. HIGH 7.8 — 24.8% Jan 19, 2024 CVE-2024-22915 A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution. HIGH 7.8 — 29.4% Jan 19, 2024 CVE-2024-22914 A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service. MEDIUM 5.5 — 21.7% Jan 19, 2024 CVE-2024-22913 A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution. HIGH 7.8 — 27.7% Jan 19, 2024 CVE-2024-22912 A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution. HIGH 7.8 — 27.7% Jan 19, 2024 CVE-2024-22911 A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602. HIGH 7.8 — 24.8% Jan 19, 2024 CVE-2024-22920 swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c. HIGH 7.8 — 21.5% Jan 19, 2024 CVE-2024-22562 swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c. HIGH 7.8 — 20.2% Jan 19, 2024 CVE-2023-37644 SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. This occurs in png_read_chunk in lib/png.c. MEDIUM 5.5 — 18.5% Jan 11, 2024
Show all 55 CVEs