VYPR
Vendor

Miniupnp Project

Products
4
CVEs
34
Across products
35
Status
Private

Products

4

Recent CVEs

34
View all 34 CVEs →
  • CVE-2017-8798CriMay 11, 2017
    risk 0.69cvss 9.8epss 0.24

    Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2018-11576CriMay 31, 2018
    risk 0.64cvss 9.8epss 0.01

    ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.

  • CVE-2018-11575CriMay 31, 2018
    risk 0.64cvss 9.8epss 0.02

    ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.

  • CVE-2015-20111CriNov 18, 2024
    risk 0.57cvss 9.8epss 0.01

    miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was…

  • CVE-2026-5720CriApr 17, 2026
    risk 0.52cvss 9.1epss 0.01

    miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read…

  • CVE-2018-11657HigJun 1, 2018
    risk 0.49cvss 7.5epss 0.01

    ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif.

  • CVE-2018-11578MedMay 31, 2018
    risk 0.42cvss 6.5epss 0.01

    GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault.

  • CVE-2016-3179MedMar 24, 2017
    risk 0.36cvss 5.5epss 0.00

    The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling.

  • CVE-2016-3178MedMar 24, 2017
    risk 0.36cvss 5.5epss 0.00

    The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value.

  • CVE-2013-0230Jan 31, 2013
    risk 0.09cvss epss 0.69

    Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.

  • CVE-2013-0229Jan 31, 2013
    risk 0.09cvss epss 0.76

    The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

  • CVE-2020-24221Aug 11, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop).

  • CVE-2023-39114Aug 2, 2023
    risk 0.00cvss epss 0.00

    ngiflib commit 84a75 was discovered to contain a segmentation violation via the function SDL_LoadAnimatedGif at ngiflibSDL.c. This vulnerability is triggered when running the program SDLaffgif.

  • CVE-2023-39113Aug 2, 2023
    risk 0.00cvss epss 0.00

    ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. This vulnerability is triggered when running the program gif2tga.

  • CVE-2023-37748Jul 19, 2023
    risk 0.00cvss epss 0.00

    ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.

  • CVE-2022-30858Jul 17, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0

  • CVE-2021-36531Aug 27, 2021
    risk 0.00cvss epss 0.01

    ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary.

  • CVE-2019-20219Jan 2, 2020
    risk 0.00cvss epss 0.01

    ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c.

  • CVE-2019-19011Nov 16, 2019
    risk 0.00cvss epss 0.02

    MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.

  • CVE-2019-16346Sep 16, 2019
    risk 0.00cvss epss 0.02

    ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.