Vulnerabilities > Miniupnp Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-17 | CVE-2019-19011 | NULL Pointer Dereference vulnerability in Miniupnp Project Ngiflib 0.4 MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. | 7.5 |
| 2019-09-16 | CVE-2019-16347 | Incorrect Calculation vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | 8.8 |
| 2019-09-16 | CVE-2019-16346 | Incorrect Calculation vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled. | 8.8 |
| 2018-05-31 | CVE-2018-11576 | Out-of-bounds Read vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | 7.5 |
| 2018-05-31 | CVE-2018-11575 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. | 7.5 |
| 2017-05-11 | CVE-2017-8798 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | 7.5 |
| 2013-01-31 | CVE-2013-1462 | Numeric Errors vulnerability in Miniupnp Project Miniupnpd 1.0 Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. | 7.8 |
| 2013-01-31 | CVE-2013-1461 | Denial-Of-Service vulnerability in Miniupnp Project Miniupnpd 1.0 The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. | 7.8 |
| 2013-01-31 | CVE-2013-0229 | Denial of Service vulnerability in MiniUPnP The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. | 7.8 |