Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Miniupnpd Security Vulnerabilities

cve
cve

CVE-2013-0229

The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

6.7AI Score

0.972EPSS

2013-01-31 09:55 PM
65
cve
cve

CVE-2013-0230

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.

8AI Score

0.859EPSS

2013-01-31 09:55 PM
65
cve
cve

CVE-2013-1461

The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-...

6.6AI Score

0.859EPSS

2013-01-31 09:55 PM
33
cve
cve

CVE-2013-1462

Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability ...

6.5AI Score

0.859EPSS

2013-01-31 09:55 PM
27
cve
cve

CVE-2013-2600

MiniUPnPd has information disclosure use of snprintf()

7.5CVSS

7.2AI Score

0.025EPSS

2019-11-01 12:15 PM
172
cve
cve

CVE-2017-1000494

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact

7.8CVSS

7.7AI Score

0.001EPSS

2018-01-03 02:29 PM
192
cve
cve

CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

9.8CVSS

9.5AI Score

0.058EPSS

2017-05-11 01:29 AM
979
cve
cve

CVE-2019-12106

The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.

7.5CVSS

7.4AI Score

0.008EPSS

2019-05-15 11:29 PM
132
cve
cve

CVE-2019-12108

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

7.5CVSS

7.1AI Score

0.005EPSS

2019-05-15 11:29 PM
119
cve
cve

CVE-2019-12109

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.

7.5CVSS

7.1AI Score

0.005EPSS

2019-05-15 11:29 PM
131
cve
cve

CVE-2019-12111

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.

7.5CVSS

7.1AI Score

0.003EPSS

2019-05-15 11:29 PM
160