CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12111
https://notcve.org/view.php?id=CVE-2019-12111
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. Existe una vulnerabilidad de Denegación de Servicio en MiniUPnP MiniUPnPd hasta la versión 2.1, debido a una desreferencia de puntero NULL en copyIPv6IfDifferent en pcpserver.c. • https://github.com/miniupnp/miniupnp/commit/cb8a02af7a5677cf608e86d57ab04241cf34e24f https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12110
https://notcve.org/view.php?id=CVE-2019-12110
An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c. Se presenta una vulnerabilidad de Denegación de Servicio (DoS) en AddPortMap en MiniUPnP MiniUPnPd versión hasta 2.1, a causa de una desreferencia del puntero NULL en upnpredirect.c. • https://github.com/miniupnp/miniupnp/commit/f321c2066b96d18afa5158dfa2d2873a2957ef38 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12109
https://notcve.org/view.php?id=CVE-2019-12109
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. Existe una vulnerabilidad de Denegación de Servicio en MiniUPnP MiniUPnPd hasta la versión 2.1, debido a una diferencia de puntero NULL en GetOutboundPinholeTimeout en upnpsoap.c para rem_port. • https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12108
https://notcve.org/view.php?id=CVE-2019-12108
A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. Existe una vulnerabilidad de Denegación de Servicio en MiniUPnP MiniUPnPd hasta la versión 2.1, debido a una diferencia de puntero NULL en GetOutboundPinholeTimeout en upnpsoap.c para int_port. • https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12107
https://notcve.org/view.php?id=CVE-2019-12107
The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value. La función upnp_event_prepare en el archivo upnpevents.c en MiniUPnP MiniUPnPd hasta la versión 2.1, permite a un atacante remoto filtrar información desde la pila debido a la validación inapropiada de un valor de retorno snprintf. • https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/4542-1 https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-252: Unchecked Return Value •