Miniupnp Project

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-11575 1Miniupnp Project 1Ngiflib Nov 21, 2024 May 31, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.
CVE-2018-10717 1Miniupnp Project 1Ngiflib Nov 21, 2024 May 3, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow...Show more The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.Show less
CVE-2018-10677 1Miniupnp Project 1Ngiflib Nov 21, 2024 May 2, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and applica...Show more The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file.Show less
CVE-2017-1000494 1Miniupnp Project 1Miniupnpd Nov 21, 2024 Jan 3, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecif...Show more Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impactShow less
CVE-2017-8798 1Miniupnp Project 1Miniupnpd May 13, 2026 May 11, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2016-3179 1Miniupnp Project 1Minissdpd May 13, 2026 Mar 24, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling.
CVE-2016-3178 1Miniupnp Project 1Minissdpd May 13, 2026 Mar 24, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (out-of-bounds memory access and daemon crash) via vectors involving a negative length value.
CVE-2015-6031 4Canonical DebianMiniupnp Project+1 more 5Debian Linux LeapMiniupnpc+2 more May 6, 2026 Nov 2, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute...Show more Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.Show less
CVE-2014-3985 2Miniupnp Project Opensuse 2Miniupnp Opensuse May 6, 2026 Sep 11, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.
CVE-2013-1462 1Miniupnp Project 1Miniupnpd Apr 29, 2026 Jan 31, 2013 N/A· v4 N/A· v3 7.8 HIGH· v2 Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAc...Show more Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230.Show less
CVE-2013-1461 1Miniupnp Project 1Miniupnpd Apr 29, 2026 Jan 31, 2013 N/A· v4 N/A· v3 7.8 HIGH· v2 The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction he...Show more The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230.Show less
CVE-2013-0230 1Miniupnp Project 1Miniupnpd Apr 29, 2026 Jan 31, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
CVE-2013-0229 1Miniupnp Project 1Miniupnpd Apr 29, 2026 Jan 31, 2013 N/A· v4 N/A· v3 7.8 HIGH· v2 The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-re...Show more The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.Show less

Previous 12