Lucene search
K
Miniupnp ProjectNgiflib

17 matches found

CVE
CVE
added 2023/08/02 12:0 a.m.60 views

CVE-2023-39114

CVE-2023-39114 affects ngiflib (commit 84a75) with a segmentation violation in SDL_LoadAnimatedGif inside ngiflibSDL.c when running SDLaffgif. Documented impact: MEDIUM severity (CVSS v3.1: 5.5) with local attack vector, no privileges required, user interaction needed, and availability impact rat...

5.5CVSS5.5AI score0.00251EPSS
CVE
CVE
added 2018/05/31 12:0 a.m.55 views

CVE-2018-11575

CVE-2018-11575 affects MiniUPnP ngiflib 0.4; a stack-based buffer overflow occurs in DecodeGifImg of ngiflib.c. This is described as potentially allowing arbitrary code execution or denial of service. Attack vector is network-based with low complexity per the NVD entry; CVSS metrics indicate high...

9.8CVSS9.7AI score0.01529EPSS
CVE
CVE
added 2018/05/31 12:0 a.m.55 views

CVE-2018-11578

The CVE-2018-11578 entry concerns MiniUPnP ngiflib 0.4, where GifIndexToTrueColor in ngiflib.c is reported to cause a segmentation fault. The description consistently states that a segmentation fault occurs in the GifIndexToTrueColor routine of the ngiflib.c file within MiniUPnP ngiflib 0.4. Mult...

6.5CVSS6.4AI score0.01017EPSS
CVE
CVE
added 2018/06/01 3:0 p.m.55 views

CVE-2018-11657

The CVE-2018-11657 issue affects MiniUPnP’s ngiflib 0.4, specifically the DecodeGifImg and LoadGif routines, which can enter an infinite loop. The vulnerability is described across multiple sources (NVD, Red Hat, OSV, CVE listings) as ngiflib.c in MiniUPnP ngiflib 0.4 with an infinite loop in tho...

7.5CVSS7.5AI score0.01063EPSS
CVE
CVE
added 2021/08/27 3:24 p.m.54 views

CVE-2021-36531

NGIFLIB 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, where GetByte() reads beyond the memory buffer. Documented as CVE-2021-36531 . NVD reports CVSSv3.1 base score 8.8 (Network, High impact on confidentiality, integrity, availability). No remediation/patch details...

8.8CVSS8.9AI score0.01064EPSS
CVE
CVE
added 2023/07/19 12:0 a.m.54 views

CVE-2023-37748

CVE-2023-37748 concerns ngiflib; the issue is an infinite loop in the DecodeGifImg function of ngiflib.c within commit 5e7292. Documented impact indicates MEDIUM base criticality with local attack vector, requiring user interaction and resulting in HIGH availability impact. Connected PT-2023-2609...

5.5CVSS5.6AI score0.0026EPSS
CVE
CVE
added 2020/01/02 2:10 p.m.53 views

CVE-2019-20219

The CVE-2019-20219 entry concerns ngiflib 0.4, which contains a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. The vulnerability is described consistently across sources (NVD, Red Hat, CNVD, OSV, etc.). Affects the GifIndexToTrueColor function in ngiflib.c of ngiflib 0.4; exploi...

8.8CVSS8.7AI score0.01288EPSS
CVE
CVE
added 2018/05/03 5:0 p.m.51 views

CVE-2018-10717

CVE-2018-10717 affects MiniUPnP ngiflib 0.4. The DecodeGifImg function in ngiflib.c does not correctly bound the pixels data structure, allowing a remote attacker to trigger a denial of service via a heap-based buffer overflow when processing a crafted GIF file, with the impact described as possi...

8.8CVSS9.1AI score0.02019EPSS
CVE
CVE
added 2018/05/31 12:0 a.m.51 views

CVE-2018-11576

CVE-2018-11576 affects MiniUPnP ngiflib 0.4, where a heap-based buffer over-read occurs in GifIndexToTrueColor within ngiflib.c. Multiple sources (NVD, CNVD, OSV, PRION) report this as a high-severity vulnerability with a network attack vector and no authentication required; CVSSv3 base score 9.8...

9.8CVSS9.5AI score0.01444EPSS
CVE
CVE
added 2021/08/27 3:25 p.m.51 views

CVE-2021-36530

CVE-2021-36530 affects ngiflib 0.4. The vulnerability is a heap overflow in GetByteStr() (ngiflib.c:108) under NGIFLIB_NO_FILE mode where GetByteStr() copies memory without boundary checks, potentially impacting confidentiality, integrity, and availability (CVSS v3.1: HIGH, NETWORK attack, no aut...

8.8CVSS8.9AI score0.01064EPSS
CVE
CVE
added 2019/09/16 12:57 p.m.48 views

CVE-2019-16347

The vulnerability CVE-2019-16347 affects ngiflib 0.4, describing a heap-based buffer overflow in WritePixels() within ngiflib.c when DecodeGifImg is invoked. The root cause is mishandled deinterlacing for small pictures, which streams into a heap overflow condition. The connected advisories (Red ...

8.8CVSS8.9AI score0.01499EPSS
CVE
CVE
added 2019/11/16 3:1 p.m.48 views

CVE-2019-19011

Summary: CVE-2019-19011 affects MiniUPnP ngiflib 0.4 and is a NULL pointer dereference in GifIndexToTrueColor (ngiflib.c) when parsing a GIF file that lacks a color palette. Multiple connected sources (CNVD-2020-41519 and RH: CVE-2019-19011 entries) confirm the vulnerable component and function, ...

7.5CVSS7.4AI score0.01729EPSS
CVE
CVE
added 2023/07/17 12:0 a.m.46 views

CVE-2022-30858

CVE-2022-30858 affects ngiflib 0.4. The issue is a SEGV in SDL_LoadAnimatedGif when using SDLaffgif, with a proof-of-concept: ./SDLaffgif CA_file2_0. Connected sources consistently describe a memory crash caused by this path; no public details on patches or mitigations are provided in the supplie...

6.5CVSS6.4AI score0.0053EPSS
CVE
CVE
added 2019/09/16 12:57 p.m.44 views

CVE-2019-16346

CVE-2019-16346 concerns ngiflib 0.4, where a heap-based buffer overflow occurs in WritePixel() of ngiflib.c when invoked via DecodeGifImg. The root cause is described as mishandled deinterlacing for small pictures, leading to memory corruption. The available references document this vulnerability...

8.8CVSS8.9AI score0.01641EPSS
CVE
CVE
added 2023/08/02 12:0 a.m.44 views

CVE-2023-39113

CVE-2023-39113 affects ngiflib (a C library for decoding GIFs). The vulnerability is a segmentation fault in the main function of gif2tag.c, triggered when running the gif2tga tool. Documented impact indicates a segmentation fault (availability impact) but does not provide exploitable vectors, af...

5.5CVSS5.5AI score0.00251EPSS
CVE
CVE
added 2018/05/02 7:0 p.m.40 views

CVE-2018-10677

Summary: The vulnerability affects MiniUPnP ngiflib 0.4, specifically the DecodeGifImg function in ngiflib.c, which does not correctly validate width/height bounds. This lack of validation can enable a remote attacker to trigger a denial of service via a heap-based WritePixels buffer overflow and...

8.8CVSS9AI score0.01508EPSS
CVE
CVE
added 2023/08/11 12:0 a.m.39 views

CVE-2020-24221

The CVE-2020-24221 vulnerability is in miniupnp ngiflib version 0.4, specifically the GetByte function. A crafted GIF file can trigger an infinite loop, enabling a local DoS. The connected sources consistently describe a local-denial-of-service condition without details on affected platforms beyo...

5.5CVSS5.3AI score0.00296EPSS