Vulnerabilities > Miniupnp Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-15 | CVE-2019-12109 | NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | 5.0 |
| 2019-05-15 | CVE-2019-12108 | NULL Pointer Dereference vulnerability in Miniupnp Project Miniupnpd A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | 5.0 |
| 2019-05-15 | CVE-2019-12106 | Use After Free vulnerability in Miniupnp Project Miniupnpd 1.4/1.5 The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. | 5.0 |
| 2018-06-01 | CVE-2018-11657 | Infinite Loop vulnerability in Miniupnp Project Ngiflib 0.4 ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. | 5.0 |
| 2018-05-31 | CVE-2018-11578 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Ngiflib 0.4 GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. | 4.3 |
| 2018-05-03 | CVE-2018-10717 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677. | 6.8 |
| 2018-05-02 | CVE-2018-10677 | Out-of-bounds Write vulnerability in Miniupnp Project Ngiflib 0.4 The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file. | 6.8 |
| 2018-01-03 | CVE-2017-1000494 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Miniupnp Project Miniupnpd Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact | 4.6 |
| 2015-11-02 | CVE-2015-6031 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name. | 6.8 |
| 2014-09-11 | CVE-2014-3985 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read. | 5.0 |