Known Vulnerabilities for products from Miniupnp Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Miniupnp Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36531 | ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without c... | 8.8 - HIGH | 2021-08-27 | 2021-09-07 |
| CVE-2021-36530 | ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer wit... | 8.8 - HIGH | 2021-08-27 | 2021-09-07 |
| CVE-2020-24221 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-08-11 | 2023-08-16 |
| CVE-2019-20219 | ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. | 8.8 - HIGH | 2020-01-02 | 2020-01-08 |
| CVE-2019-12111 | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDif... | 7.5 - HIGH | 2019-05-15 | 2020-09-28 |
| CVE-2019-12109 | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPi... | 7.5 - HIGH | 2019-05-15 | 2020-09-28 |
| CVE-2019-12108 | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPi... | 7.5 - HIGH | 2019-05-15 | 2020-09-28 |
| CVE-2019-12106 | The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due ... | 7.5 - HIGH | 2019-05-15 | 2019-05-27 |
| CVE-2018-11657 | ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. | 7.5 - HIGH | 2018-06-01 | 2019-10-03 |
| CVE-2018-11578 | GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. | 6.5 - MEDIUM | 2018-05-31 | 2018-07-13 |
| CVE-2018-11576 | ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | 9.8 - CRITICAL | 2018-05-31 | 2018-06-28 |
| CVE-2018-11575 | ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. | 9.8 - CRITICAL | 2018-05-31 | 2020-08-24 |
| CVE-2018-10717 | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, whi... | 8.8 - HIGH | 2018-05-03 | 2020-08-24 |
| CVE-2018-10677 | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows re... | 8.8 - HIGH | 2018-05-02 | 2020-08-24 |
| CVE-2017-1000494 | Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker ... | 7.8 - HIGH | 2018-01-03 | 2019-05-30 |
| CVE-2017-8798 | Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of servic... | 9.8 - CRITICAL | 2017-05-11 | 2020-04-30 |
| CVE-2016-3179 | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (inval... | 5.5 - MEDIUM | 2017-03-24 | 2021-04-19 |
| CVE-2016-3178 | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-o... | 5.5 - MEDIUM | 2017-03-24 | 2021-04-23 |
| CVE-2015-6031 | Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 al... | 6.8 - MEDIUM | 2015-11-02 | 2019-06-18 |
| CVE-2014-3985 | The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via c... | 5 - MEDIUM | 2014-09-11 | 2020-09-28 |