Vulnerabilities > Miniupnp Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-11 CVE-2020-24221 Infinite Loop vulnerability in Miniupnp Project Ngiflib 0.4
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop).
local
low complexity
miniupnp-project CWE-835
5.5
5.5
2023-08-02 CVE-2023-39113 Unspecified vulnerability in Miniupnp Project Ngiflib
ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c.
local
low complexity
miniupnp-project
5.5
5.5
2023-08-02 CVE-2023-39114 Unspecified vulnerability in Miniupnp Project Ngiflib 0.1/0.2/0.4
ngiflib commit 84a75 was discovered to contain a segmentation violation via the function SDL_LoadAnimatedGif at ngiflibSDL.c.
local
low complexity
miniupnp-project
5.5
5.5
2023-07-19 CVE-2023-37748 Infinite Loop vulnerability in Miniupnp Project Ngiflib
ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.
local
low complexity
miniupnp-project CWE-835
5.5
5.5
2023-07-17 CVE-2022-30858 Resource Exhaustion vulnerability in Miniupnp Project Ngiflib 0.4
An issue was discovered in ngiflib 0.4.
network
low complexity
miniupnp-project CWE-400
6.5
6.5
2021-08-27 CVE-2021-36530 Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary. 		6.8
6.8
2021-08-27 CVE-2021-36531 Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary. 		6.8
6.8
2020-01-02 CVE-2019-20219 Out-of-bounds Read vulnerability in Miniupnp Project Ngiflib 0.4
ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. 		6.8
6.8
2019-11-01 CVE-2013-2600 Information Exposure vulnerability in multiple products
MiniUPnPd has information disclosure use of snprintf()
network
low complexity
miniupnp-project debian CWE-200
5.0
5.0
2019-05-15 CVE-2019-12111 NULL Pointer Dereference vulnerability in multiple products
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
network
low complexity
miniupnp-project debian CWE-476
5.0
5.0