Lucene search
K

184 matches found

Debian CVE
Debian CVE
added 2019/11/01 11:48 a.m.27 views

CVE-2013-2600

MiniUPnPd has information disclosure use of snprintf...

7.5CVSS6.9AI score0.02335EPSS
Exploits1
NVD
NVD
added 2019/10/17 7:15 p.m.16 views

CVE-2019-12611

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the...

4.9CVSS4.7AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2019/10/17 7:15 p.m.5 views

CVE-2019-12611

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the...

4.4CVSS5.8AI score0.00323EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/17 6:55 p.m.21 views

CVE-2019-12611

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the...

4.7AI score0.00323EPSS
Exploits0References1
CVE
CVE
added 2019/10/17 6:55 p.m.47 views

CVE-2019-12611

Bitdefender BOX firmware pre-2.1.37.37-34 is affected. The vulnerability lies in the miniupnpd implementation where specially crafted packets trigger memory allocation that is not freed, potentially causing the miniupnpd component to crash or the device to reboot. Impact is described as availabil...

4.9CVSS4.7AI score0.00323EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.39 views

Fedora 31 : miniupnpd (2019-0a26e06dd5)

Security patches. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

7.5CVSS6.1AI score0.03404EPSS
Exploits5References6
OSV
OSV
added 2019/06/18 9:15 p.m.3 views

CVE-2017-8330

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in...

6.5CVSS5.8AI score0.01478EPSS
Exploits1References3
NVD
NVD
added 2019/06/18 9:15 p.m.20 views

CVE-2017-8330

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in...

6.5CVSS6.5AI score0.01478EPSS
Exploits1References3
Prion
Prion
added 2019/06/18 9:15 p.m.13 views

Input validation

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in...

3.3CVSS6.5AI score0.01478EPSS
Exploits1References3Affected Software3
Cvelist
Cvelist
added 2019/06/18 8:43 p.m.20 views

CVE-2017-8330

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the "NewInMessage" SOAP parameter passed with a huge payload results in...

6.5AI score0.01478EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2019/06/01 12:0 a.m.50 views

Debian: Security Advisory (DLA-1811-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.03404EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2019/05/31 12:0 a.m.35 views

Debian DLA-1811-1 : miniupnpd security update

Ben Barnea and colleagues from VDOO discovered several vulnerabilities in miniupnpd, a small daemon that provides UPnP Internet Gateway Device and Port Mapping Protocol services. The issues are basically information leak, NULL pointer dereferences and uses after free. For Debian 8 'Jessie', these...

7.8CVSS6.4AI score0.03404EPSS
Exploits6References8
Debian
Debian
added 2019/05/30 5:15 p.m.174 views

[SECURITY] [DLA 1811-1] miniupnpd security update

Package : miniupnpd Version : 1.8.20140523-4+deb8u1 CVE ID : CVE-2017-1000494 CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111 Ben Barnea and colleagues from VDOO discovered several vulnerabilities in miniupnpd, a small daemon that provides UPnP Internet Gateway Device a...

7.8CVSS8.1AI score0.03404EPSS
Exploits6
OSV
OSV
added 2019/05/30 12:0 a.m.169 views

DLA-1811-1 miniupnpd - security update

Bulletin has no description...

7.8CVSS7.5AI score0.03404EPSS
Exploits6
UbuntuCve
UbuntuCve
added 2019/05/15 11:29 p.m.19 views

CVE-2019-12108

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for intport...

7.5CVSS7.1AI score0.02753EPSS
Exploits1References5
NVD
NVD
added 2019/05/15 11:29 p.m.18 views

CVE-2019-12106

The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability...

7.5CVSS7.5AI score0.02829EPSS
Exploits1References3
OSV
OSV
added 2019/05/15 11:29 p.m.1 views

UBUNTU-CVE-2019-12108

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for intport...

7.5CVSS7.1AI score0.02753EPSS
Exploits1References6
Prion
Prion
added 2019/05/15 11:29 p.m.29 views

Null pointer dereference

An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c...

5CVSS7.2AI score0.02575EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2019/05/15 11:29 p.m.21 views

Null pointer dereference

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for intport...

5CVSS7.2AI score0.02753EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2019/05/15 11:29 p.m.32 views

Null pointer dereference

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c...

5CVSS7.2AI score0.03404EPSS
Exploits1References4Affected Software2
Rows per page
Query Builder