CVE-2026-24798

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

CVE-2026-24798

CVE-2026-24798 concerns an improper restriction of operations within the bounds of a memory buffer tied to GaijinEntertainment’s DagorEngine (and related 3rd‑party modules such as miniupnpc). Connected sources indicate affected software/versions include DagorEngine up to dagor_2025_01_15, Cardboa...

CVE-2026-24798 An Uninitialized stack variable vulnerability in GaijinEntertainment/DagorEngine

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

CVE-2026-24798 An Uninitialized stack variable vulnerability in GaijinEntertainment/DagorEngine

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor20250115...

PT-2026-4867

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine prog/3rdPartyLibs/miniupnpc modules. This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor 2025 01 15...

DagorEngine security vulnerabilities

DagorEngine is a game development engine and tool open-sourced by Gaijin Entertainment. Versions of DagorEngine dated before dagor20250115 contained security vulnerabilities. These vulnerabilities were caused by improper memory buffer operations in the miniupnpc component upnpreplyparse.C, which...

SUSE CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

Mageia: Security Advisory (MGASA-2014-0224)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0313)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0250)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-2197-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2197-1 : miniupnpc security update

It was discovered that there was a integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack. For Debian 8 'Jessie', this problem has been fixed in version 1.9.20140610-2+deb8u2. We recommend that you upgrade your miniupnpc package...

[SECURITY] [DLA 2197-1] miniupnpc security update

Package : miniupnpc Version : 1.9.20140610-2+deb8u2 CVE ID : CVE-2017-8798 It was discovered that there was a integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack. For Debian 8 "Jessie", this problem has been fixed in version...

DLA-2197-1 miniupnpc - security update

Bulletin has no description...

Information Disclosure

miniupnpc-vc140 is vulnerable to information disclosure. Failure to validate a return value obj-tosend from snprintf allows a user to send a value larger than the buffer's length to cause a heap memory leak...

MGASA-2018-0250 Updated miniupnpc packages fix security vulnerability

It was discovered that miniupnpc contained a heap buffer overflow in parseelt minixml.c - no CVE assigned. It was discovered that miniupnpc also contained a memory corruption invalid read, SIGSEGV in NameValueParserEndElt upnpreplyparse.c while handling two consecutive malformed SOAP requests...

Updated miniupnpc packages fix security vulnerability

It was discovered that miniupnpc contained a heap buffer overflow in parseelt minixml.c - no CVE assigned. It was discovered that miniupnpc also contained a memory corruption invalid read, SIGSEGV in NameValueParserEndElt upnpreplyparse.c while handling two consecutive malformed SOAP requests...

Monero: Buffer out of bound read in miniupnpc xml parser

Summary: This is a buffer oob read vulnerability in miniupnpc when parsing xml response. This vulnerability could result in denial of service attack in monero client to in local area Network. Description: In miniupnpc, file "Minixml.c": The funnction parseelt: static void parseeltstruct xmlparser...

Ubuntu: Security Advisory (USN-3562-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-949-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...