Vulnerabilities > Miniupnp Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-11 | CVE-2020-24221 | Infinite Loop vulnerability in Miniupnp Project Ngiflib 0.4 An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). | 5.5 |
| 2023-07-19 | CVE-2023-37748 | Infinite Loop vulnerability in Miniupnp Project Ngiflib ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c. | 5.5 |
| 2021-08-27 | CVE-2021-36530 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary. | 6.8 |
| 2021-08-27 | CVE-2021-36531 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary. | 6.8 |
| 2020-01-02 | CVE-2019-20219 | Out-of-bounds Read vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. | 6.8 |
| 2019-11-01 | CVE-2013-2600 | Information Exposure vulnerability in multiple products MiniUPnPd has information disclosure use of snprintf() | 5.0 |
| 2019-05-15 | CVE-2019-12111 | NULL Pointer Dereference vulnerability in multiple products A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. | 5.0 |
| 2019-05-15 | CVE-2019-12109 | NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | 5.0 |
| 2019-05-15 | CVE-2019-12108 | NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | 5.0 |
| 2019-05-15 | CVE-2019-12106 | Use After Free vulnerability in Miniupnp Project Miniupnpd 1.4/1.5 The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. | 5.0 |