Lucene search
+L

271 matches found

NVD
NVD
added 2 days ago9 views

CVE-2021-27137

An issue was discovered in router/upnp/src/ssdp.c in DD-WRT before 45724. An unsafe strcpy in the UPnP handling functionality allows an unauthenticated remote attacker to send a request that would overflow an internal fixed buffer. Exploitation requires the DD-WRT user to enable UPnP which is off...

8.1CVSS0.05447EPSS
Exploits1References5
NVD
NVD
added 4 days ago7 views

CVE-2026-58547

Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00353EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-49180

Improper link resolution before file access 'link following' in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

5.5CVSS0.00273EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-58547

CVE-2026-58547 is a Windows UPnP Device Host vulnerability. The issue is a heap-based buffer overflow in upnp.dll that allows an authenticated local attacker to elevate privileges. The NVD entry and multiple advisories describe the root cause as a heap overflow in UPnP device host, with CVSS deta...

7.8CVSS6.1AI score0.00353EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 4 days ago23 views

CVE-2026-50455 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS0.00306EPSS
Exploits0References1
CVE
CVE
added 4 days ago19 views

CVE-2026-50455

CVE-2026-50455 describes an information disclosure in Universal Plug and Play (upnp.dll) caused by the use of an uninitialized resource. The vulnerability allows an authorized local attacker to disclose information. The reported impact shows confidentiality impact (C) as High, with local access a...

5.5CVSS6AI score0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago7 views

CVE-2026-50455 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS6.1AI score0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago23 views

CVE-2026-49180 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS0.00273EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 4 days ago3 views

CVE-2026-49180 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS6.1AI score0.00273EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 4 days ago11 views

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00353EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago17 views

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Use of uninitialized resource in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

5.5CVSS6.1AI score0.00306EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago22 views

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Improper link resolution before file access 'link following' in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

5.5CVSS6.1AI score0.00273EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.13 views

CVE-2026-45599

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.19 views

CVE-2026-45635

Access of resource using incompatible type 'type confusion' in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS0.0052EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.4 views

CVE-2026-45635

Access of resource using incompatible type 'type confusion' in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS7.3AI score0.0052EPSS
Exploits0References2Affected Software19
EUVD
EUVD
added 2026/06/09 5:5 p.m.14 views

EUVD-2026-35563

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:5 p.m.12 views

CVE-2026-45635 Windows UPnP Device Host Remote Code Execution Vulnerability

...

8.1CVSS5.4AI score0.0052EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.35 views

CVE-2026-45599

The CVE-2026-45599 entry describes a use-after-free in Windows’ Universal Plug and Play component (upnp.dll) that enables a remote attacker to execute code over the network via the UPnP Device Host. The vulnerability is rated CVSSv3.1: 8.1 (HIGH) with Network attack vector, no privileges required...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1Affected Software13
EUVD
EUVD
added 2026/06/09 5:5 p.m.16 views

EUVD-2026-35556

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47988

Name of the Vulnerable Software and Affected Versions Universal Plug and Play affected versions not specified Description A use after free issue in the Universal Plug and Play component upnp.dll allows an unauthorized remote attacker to execute arbitrary code and affect the system over a network...

8.1CVSS5.9AI score0.0052EPSS
Exploits0References6
Rows per page
Query Builder