Vulnerabilities > Miniupnp Project > Miniupnpd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-01 | CVE-2013-2600 | Information Exposure vulnerability in multiple products MiniUPnPd has information disclosure use of snprintf() | 5.0 |
| 2019-05-15 | CVE-2019-12111 | NULL Pointer Dereference vulnerability in multiple products A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. | 5.0 |
| 2019-05-15 | CVE-2019-12109 | NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | 5.0 |
| 2019-05-15 | CVE-2019-12108 | NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | 5.0 |
| 2019-05-15 | CVE-2019-12106 | Use After Free vulnerability in Miniupnp Project Miniupnpd 1.4/1.5 The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. | 5.0 |
| 2018-01-03 | CVE-2017-1000494 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact | 4.6 |
| 2017-05-11 | CVE-2017-8798 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | 7.5 |
| 2014-09-11 | CVE-2014-3985 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. | 5.0 |
| 2013-01-31 | CVE-2013-1462 | Numeric Errors vulnerability in Miniupnp Project Miniupnpd 1.0 Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. | 7.8 |
| 2013-01-31 | CVE-2013-1461 | Denial-Of-Service vulnerability in Miniupnp Project Miniupnpd 1.0 The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. | 7.8 |