miniupnp_project miniupnpd の CVE(12 件)

CVE 件数: 12 CPE versions: View versions table

概要

本ページは miniupnp_project miniupnpd に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 112 / 12 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-5720 miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting improper length validation in ParseHttpHeaders(), where the parsed length underflows to a large unsigned value when passed to memchr(), causing the process to scan memory far beyond the allocated HTTP reque [email protected] 7.1 0.67% 2026-04-17 2026-06-29
CVE-2013-2600 MiniUPnPd has information disclosure use of snprintf() [email protected] 7.5 2.33% 2019-11-01 2026-06-16
CVE-2019-12111 A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. [email protected] 7.5 3.40% 2019-05-15 2026-06-16
CVE-2019-12109 A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. [email protected] 7.5 2.75% 2019-05-15 2026-06-16
CVE-2019-12108 A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. [email protected] 7.5 2.75% 2019-05-15 2026-06-16
CVE-2019-12106 The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. [email protected] 7.5 2.83% 2019-05-15 2026-06-16
CVE-2017-1000494 Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact [email protected] 7.8 0.47% 2018-01-03 2026-06-16
CVE-2017-8798 Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. [email protected] 9.8 24.03% 2017-05-10 2026-06-16
CVE-2013-1462 Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. [email protected] 7.8 1.85% 2013-01-31 2026-06-16
CVE-2013-1461 The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. [email protected] 7.8 2.79% 2013-01-31 2026-06-16
CVE-2013-0230 Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method. [email protected] 10.0 69.15% 2013-01-31 2026-06-16
CVE-2013-0229 The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. [email protected] 7.8 76.40% 2013-01-31 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence