Lucene search
+L

174 matches found

NVD
NVD
added 2024/11/18 4:15 a.m.30 views

CVE-2024-52917

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...

6.5CVSS0.00267EPSS
Exploits0References2
NVD
NVD
added 2024/11/18 4:15 a.m.38 views

CVE-2015-20111

miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...

9.8CVSS0.01267EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/18 12:0 a.m.11 views

CVE-2024-52917

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...

6.9AI score0.00267EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/18 12:0 a.m.9 views

CVE-2015-20111

miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...

7.7AI score0.01267EPSS
Exploits0References4
CVE
CVE
added 2024/11/18 12:0 a.m.67 views

CVE-2015-20111

CVE-2015-20111 affects MiniUPnP/miniupnp (and downstreams such as Bitcoin Core before v0.12) where the code does not check snprintf return values, causing a buffer overflow and a data leak. Affected component is the UPnP daemon (miniupnpd) and related miniupnp code prior to the commit 4c90b87; th...

9.8CVSS7.7AI score0.01267EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.5 views

PT-2024-35485 · Unknown · Bitcoin Core

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions prior to 22.0 Description: The issue is related to an infinite loop in the miniupnp component, where memory is allocated based on random data received over the network, such as large M-SEARCH replies from a fake UPnP...

6.5CVSS7.2AI score0.00267EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/11/18 12:0 a.m.39 views

CVE-2015-20111

miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...

0.01267EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.4 views

Bitcoin Core 安全漏洞

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core versions prior to 22.0 that stems from the fact that miniupnp will loop indefinitely...

6.5CVSS6.6AI score0.00267EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.4 views

PT-2024-10566 · Bitcoin · Bitcoin Core

🚨 CVE-2015-20111 miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was...

9.8CVSS8.3AI score0.04783EPSS
Exploits2References7
OSV
OSV
added 2024/11/18 12:0 a.m.5 views

CVE-2024-52917

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...

6.5CVSS6.8AI score0.00267EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/18 12:0 a.m.18 views

CVE-2024-52917

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...

0.00267EPSS
Exploits0References2
CVE
CVE
added 2024/11/18 12:0 a.m.63 views

CVE-2024-52917

CVE-2024-52917 affects Bitcoin Core prior to 22.0. The issue is a miniupnp infinite loop where memory is allocated based on random data from the network (e.g., large M-SEARCH replies from a fake UPnP device), potentially causing an unbounded loop. The root cause is in the miniupnp handling within...

6.5CVSS6.6AI score0.00267EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/08/11 2:15 p.m.23 views

CVE-2020-24221

An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service DoS via crafted .gif file infinite loop...

5.5CVSS5.3AI score0.00296EPSS
Exploits1References1
CVE
CVE
added 2023/08/11 12:0 a.m.39 views

CVE-2020-24221

The CVE-2020-24221 vulnerability is in miniupnp ngiflib version 0.4, specifically the GetByte function. A crafted GIF file can trigger an infinite loop, enabling a local DoS. The connected sources consistently describe a local-denial-of-service condition without details on affected platforms beyo...

5.5CVSS5.3AI score0.00296EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/11 12:0 a.m.11 views

CVE-2020-24221

An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service DoS via crafted .gif file infinite loop...

6.6AI score0.00296EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.3 views

SUSE CVE-2014-3985

The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...

5CVSS6.9AI score0.03312EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.5 views

SUSE CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

9.8CVSS7.5AI score0.24027EPSS
Exploits6References3
RedhatCVE
RedhatCVE
added 2022/05/20 11:43 p.m.40 views

CVE-2019-12111

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c...

7.5CVSS2.8AI score0.03404EPSS
Exploits1References1
NVD
NVD
added 2019/11/17 6:15 p.m.17 views

CVE-2019-19011

MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette...

7.5CVSS7.5AI score0.01729EPSS
Exploits1References1
OSV
OSV
added 2019/11/17 6:15 p.m.20 views

CVE-2019-19011

MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette...

7.5CVSS6.8AI score0.01729EPSS
Exploits1References1
Rows per page
Query Builder