Vulnerabilities > Miniupnp Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-03 | CVE-2018-10717 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677. | 8.8 |
| 2018-05-02 | CVE-2018-10677 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file. | 8.8 |
| 2018-01-03 | CVE-2017-1000494 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact | 7.8 |
| 2017-05-11 | CVE-2017-8798 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | 9.8 |
| 2017-03-24 | CVE-2016-3179 | Use After Free vulnerability in Miniupnp Project Minissdpd 1.2.201309073 The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling. | 5.5 |
| 2017-03-24 | CVE-2016-3178 | Out-of-bounds Read vulnerability in Miniupnp Project Minissdpd 1.2.201309073 The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value. | 5.5 |