EUVD-2021-14004

Malware in sbrugna...

EUVD-2020-6059

Malware in sbrugna...

SUSE CVE-2020-13848

Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c...

Advisory ROSA-SA-2021-1898

Software: libupnp 1.6.25 OS: Cobalt 7.9 CVE-ID: CVE-2020-13848 CVE-Crit: HIGH CVE-DESC: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service failure with a crafted SSDP message due to dereferencing a NULL pointer in the FindServiceControlURLPath an...

Denial Of Service (DoS)

libupnp is vulnerable to denial of service. A remote attackers is able to cause a denial of service crash via a malicious SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c...

CVE-2021-27239

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...

MGASA-2020-0270 Updated libupnp packages fix security vulnerability

The updated packages fix a security vulnerability: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in...

Updated libupnp packages fix security vulnerability

The updated packages fix a security vulnerability: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in...

Security update for libupnp (moderate)

openSUSE Security Update: Security update for libupnp Announcement ID: openSUSE-SU-2020:0805-1 Rating: moderate References: 1172625 Cross-References: CVE-2020-13848 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libupnp...

Security update for libupnp (moderate)

openSUSE Security Update: Security update for libupnp Announcement ID: openSUSE-SU-2020:0821-1 Rating: moderate References: 1172625 Cross-References: CVE-2020-13848 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update f...

Portable UPnP SDK Code Issue Vulnerability

Portable UPnP SDK is a portable Universal Plug and Play UPnP software development kit SDK. Portable UPnP SDK 1.12.1 and earlier versions of the genlib/servicetable/servicetable.c file have 'FindServiceControlURLPath' and 'FindServiceEventURLPath' functions are vulnerable to a code issue. A remote...

Null pointer dereference

Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPat...

CVE-2020-13848

CVE-2020-13848 affects Portable UPnP SDK (libupnp) 1.12.1 and earlier. The vulnerability is a NULL pointer dereference in FindServiceControlURLPath and FindServiceEventURLPath inside genlib/service_table/service_table.c, exploitable via crafted SSDP messages to cause a denial of service (crash). ...

CVE-2020-13848

Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c...

CVE-2001-1552

ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol SSDP message. NOTE: multiple replies to the original post state that the problem could not be reproduced...