Miniupnp Project

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-5720 1Miniupnp Project 1Miniupnpd May 11, 2026 Apr 17, 2026 7.1 HIGH· v4 9.1 CRITICAL· v3 N/A· v2 miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a singl...Show more miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting improper length validation in ParseHttpHeaders(), where the parsed length underflows to a large unsigned value when passed to memchr(), causing the process to scan memory far beyond the allocated HTTP request buffer.Show less
CVE-2020-24221 1Miniupnp Project 1Ngiflib Nov 21, 2024 Aug 11, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop).
CVE-2023-39114 1Miniupnp Project 1Ngiflib Nov 21, 2024 Aug 2, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 ngiflib commit 84a75 was discovered to contain a segmentation violation via the function SDL_LoadAnimatedGif at ngiflibSDL.c. This vulnerability is triggered when running the program SDLaffgif.
CVE-2023-39113 1Miniupnp Project 1Ngiflib Nov 21, 2024 Aug 2, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. This vulnerability is triggered when running the program gif2tga.
CVE-2023-37748 1Miniupnp Project 1Ngiflib Nov 21, 2024 Jul 19, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.
CVE-2022-30858 1Miniupnp Project 1Ngiflib Nov 21, 2024 Jul 17, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0
CVE-2021-36531 1Miniupnp Project 1Ngiflib Nov 21, 2024 Aug 27, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary.
CVE-2021-36530 1Miniupnp Project 1Ngiflib Nov 21, 2024 Aug 27, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary.
CVE-2019-20219 1Miniupnp Project 1Ngiflib Nov 21, 2024 Jan 2, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c.
CVE-2019-19011 1Miniupnp Project 1Ngiflib Nov 21, 2024 Nov 17, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.
CVE-2013-2600 2Debian Miniupnp Project 2Debian Linux Miniupnpd Nov 21, 2024 Nov 1, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 MiniUPnPd has information disclosure use of snprintf()
CVE-2019-16347 1Miniupnp Project 1Ngiflib Nov 21, 2024 Sep 16, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
CVE-2019-16346 1Miniupnp Project 1Ngiflib Nov 21, 2024 Sep 16, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
CVE-2019-12111 2Debian Miniupnp Project 2Debian Linux Miniupnpd Nov 21, 2024 May 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.
CVE-2019-12109 1Miniupnp Project 1Miniupnpd Nov 21, 2024 May 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.
CVE-2019-12108 1Miniupnp Project 1Miniupnpd Nov 21, 2024 May 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.
CVE-2019-12106 1Miniupnp Project 1Miniupnpd Nov 21, 2024 May 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.
CVE-2018-11657 1Miniupnp Project 1Ngiflib Nov 21, 2024 Jun 1, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif.
CVE-2018-11578 1Miniupnp Project 1Ngiflib Nov 21, 2024 May 31, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault.
CVE-2018-11576 1Miniupnp Project 1Ngiflib Nov 21, 2024 May 31, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.

12 Next