Vulnerabilities > Miniupnp Project > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-27 CVE-2021-36530 Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary.
network
low complexity
miniupnp-project CWE-787
8.8
8.8
2021-08-27 CVE-2021-36531 Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary.
network
low complexity
miniupnp-project CWE-787
8.8
8.8
2020-01-02 CVE-2019-20219 Out-of-bounds Read vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c.
network
low complexity
miniupnp-project CWE-125
8.8
8.8
2019-11-17 CVE-2019-19011 NULL Pointer Dereference vulnerability in Miniupnp Project Ngiflib 0.4
MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.
network
low complexity
miniupnp-project CWE-476
7.5
7.5
2019-11-01 CVE-2013-2600 Information Exposure vulnerability in multiple products
MiniUPnPd has information disclosure use of snprintf()
network
low complexity
miniupnp-project debian CWE-200
7.5
7.5
2019-09-16 CVE-2019-16347 Incorrect Calculation vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
network
low complexity
miniupnp-project CWE-682
8.8
8.8
2019-09-16 CVE-2019-16346 Incorrect Calculation vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
network
low complexity
miniupnp-project CWE-682
8.8
8.8
2019-05-15 CVE-2019-12111 NULL Pointer Dereference vulnerability in multiple products
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
network
low complexity
miniupnp-project debian CWE-476
7.5
7.5
2019-05-15 CVE-2019-12109 NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.
network
low complexity
miniupnp-project CWE-476
7.5
7.5
2019-05-15 CVE-2019-12108 NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.
network
low complexity
miniupnp-project CWE-476
7.5
7.5