174 matches found
CVE-2024-52917
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...
CVE-2015-20111
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...
CVE-2024-52917
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...
CVE-2015-20111
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...
CVE-2015-20111
CVE-2015-20111 affects MiniUPnP/miniupnp (and downstreams such as Bitcoin Core before v0.12) where the code does not check snprintf return values, causing a buffer overflow and a data leak. Affected component is the UPnP daemon (miniupnpd) and related miniupnp code prior to the commit 4c90b87; th...
PT-2024-35485 · Unknown · Bitcoin Core
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 22.0 Description: The issue is related to an infinite loop in the miniupnp component, where memory is allocated based on random data received over the network, such as large M-SEARCH replies from a fake UPnP...
CVE-2015-20111
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...
Bitcoin Core 安全漏洞
Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core versions prior to 22.0 that stems from the fact that miniupnp will loop indefinitely...
PT-2024-10566 · Bitcoin · Bitcoin Core
🚨 CVE-2015-20111 miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was...
CVE-2024-52917
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...
CVE-2024-52917
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...
CVE-2024-52917
CVE-2024-52917 affects Bitcoin Core prior to 22.0. The issue is a miniupnp infinite loop where memory is allocated based on random data from the network (e.g., large M-SEARCH replies from a fake UPnP device), potentially causing an unbounded loop. The root cause is in the miniupnp handling within...
CVE-2020-24221
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service DoS via crafted .gif file infinite loop...
CVE-2020-24221
The CVE-2020-24221 vulnerability is in miniupnp ngiflib version 0.4, specifically the GetByte function. A crafted GIF file can trigger an infinite loop, enabling a local DoS. The connected sources consistently describe a local-denial-of-service condition without details on affected platforms beyo...
CVE-2020-24221
An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service DoS via crafted .gif file infinite loop...
SUSE CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
SUSE CVE-2017-8798
Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
CVE-2019-12111
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c...
CVE-2019-19011
MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette...
CVE-2019-19011
MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette...