Known Vulnerabilities for products from Miniupnp Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Miniupnp Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5720 json | miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a de... | Not Provided | 2026-04-17 | 2026-05-11 |
| CVE-2023-37748 json | ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c. | 5.5 - MEDIUM | 2023-07-19 | 2023-07-28 |
| CVE-2021-36531 json | ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without c... | 8.8 - HIGH | 2021-08-27 | 2021-09-07 |
| CVE-2021-36530 json | ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer wit... | 8.8 - HIGH | 2021-08-27 | 2021-09-07 |
| CVE-2020-24221 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-08-11 | 2023-08-16 |
| CVE-2019-20219 json | ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. | 8.8 - HIGH | 2020-01-02 | 2020-01-08 |
| CVE-2019-12111 json | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDif... | 7.5 - HIGH | 2019-05-15 | 2020-09-28 |
| CVE-2019-12109 json | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPi... | 7.5 - HIGH | 2019-05-15 | 2020-09-28 |
| CVE-2019-12108 json | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPi... | 7.5 - HIGH | 2019-05-15 | 2020-09-28 |
| CVE-2019-12106 json | The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due ... | 7.5 - HIGH | 2019-05-15 | 2019-05-27 |
| CVE-2018-11657 json | ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. | 7.5 - HIGH | 2018-06-01 | 2019-10-03 |
| CVE-2018-11578 json | GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. | 6.5 - MEDIUM | 2018-05-31 | 2018-07-13 |
| CVE-2018-11576 json | ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | 9.8 - CRITICAL | 2018-05-31 | 2018-06-28 |
| CVE-2018-11575 json | ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. | 9.8 - CRITICAL | 2018-05-31 | 2020-08-24 |
| CVE-2018-10717 json | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, whi... | 8.8 - HIGH | 2018-05-03 | 2020-08-24 |
| CVE-2018-10677 json | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows re... | 8.8 - HIGH | 2018-05-02 | 2020-08-24 |
| CVE-2017-1000494 json | Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker ... | 7.8 - HIGH | 2018-01-03 | 2019-05-30 |
| CVE-2017-8798 json | Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of servic... | Not Provided | 2017-05-11 | 2025-04-20 |
| CVE-2016-3179 json | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (inval... | Not Provided | 2017-03-24 | 2025-04-20 |
| CVE-2016-3178 json | The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-o... | Not Provided | 2017-03-24 | 2025-04-20 |