Filtered by vendor Miniupnp Project
Subscriptions
Total
32 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11657 | 1 Miniupnp Project | 1 Ngiflib | 2024-09-17 | N/A |
| ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. | ||||
| CVE-2018-10717 | 1 Miniupnp Project | 1 Ngiflib | 2024-09-16 | N/A |
| The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677. | ||||
| CVE-2013-2600 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2024-08-06 | 7.5 High |
| MiniUPnPd has information disclosure use of snprintf() | ||||
| CVE-2013-1462 | 1 Miniupnp Project | 1 Miniupnpd | 2024-08-06 | N/A |
| Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. | ||||
| CVE-2013-1461 | 1 Miniupnp Project | 1 Miniupnpd | 2024-08-06 | N/A |
| The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. | ||||
| CVE-2013-0229 | 1 Miniupnp Project | 1 Miniupnpd | 2024-08-06 | N/A |
| The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. | ||||
| CVE-2013-0230 | 1 Miniupnp Project | 1 Miniupnpd | 2024-08-06 | N/A |
| Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method. | ||||
| CVE-2014-3985 | 2 Miniupnp Project, Opensuse | 2 Miniupnp, Opensuse | 2024-08-06 | N/A |
| The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. | ||||
| CVE-2015-6031 | 4 Canonical, Debian, Miniupnp Project and 1 more | 5 Ubuntu Linux, Debian Linux, Miniupnpc and 2 more | 2024-08-06 | N/A |
| Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name. | ||||
| CVE-2016-3179 | 1 Miniupnp Project | 1 Minissdpd | 2024-08-05 | 5.5 Medium |
| The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling. | ||||
| CVE-2016-3178 | 1 Miniupnp Project | 1 Minissdpd | 2024-08-05 | 5.5 Medium |
| The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value. | ||||
| CVE-2017-1000494 | 1 Miniupnp Project | 1 Miniupnpd | 2024-08-05 | N/A |
| Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact | ||||
| CVE-2017-8798 | 1 Miniupnp Project | 1 Miniupnpd | 2024-08-05 | N/A |
| Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | ||||
| CVE-2018-11575 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | N/A |
| ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. | ||||
| CVE-2018-11576 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | N/A |
| ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | ||||
| CVE-2018-11578 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | N/A |
| GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. | ||||
| CVE-2018-10677 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | N/A |
| The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file. | ||||
| CVE-2019-20219 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | 8.8 High |
| ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. | ||||
| CVE-2019-19011 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | 7.5 High |
| MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. | ||||
| CVE-2019-16347 | 1 Miniupnp Project | 1 Ngiflib | 2024-08-05 | 8.8 High |
| ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | ||||