CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12106
https://notcve.org/view.php?id=CVE-2019-12106
The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. La función updateDevice en minissdpd.c en MiniUPnP MiniSSDPd versión 1.4 y versión 1.5, permite que un atacante remoto bloquee el proceso debido a una vulnerabilidad de acceso a memoria previamente liberada (User-After-Free). • https://github.com/miniupnp/miniupnp/commit/cd506a67e174a45c6a202eff182a712955ed6d6f https://lists.debian.org/debian-lts-announce/2019/05/msg00037.html https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11657
https://notcve.org/view.php?id=CVE-2018-11657
ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif. ngiflib.c en MiniUPnP ngiflib 0.4 tiene un bucle infinito en DecodeGifImg y LoadGif. • https://github.com/miniupnp/ngiflib/issues/7 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-11578
https://notcve.org/view.php?id=CVE-2018-11578
GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. GifIndexToTrueColor en ngiflib.c en MiniUPnP ngiflib 0.4 tiene un fallo de segmentación. • https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib https://github.com/miniupnp/ngiflib/issues/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11575
https://notcve.org/view.php?id=CVE-2018-11575
ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. ngiflib.c en MiniUPnP ngiflib 0.4 tiene un desbordamiento de búfer basado en pila en DecodeGifImg. • https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib https://github.com/miniupnp/ngiflib/issues/4 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11576
https://notcve.org/view.php?id=CVE-2018-11576
ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. ngiflib.c en MiniUPnP ngiflib 0.4 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en GifIndexToTrueColor. • https://github.com/Edward-L/fuzzing-pocs/tree/master/ngiflib https://github.com/miniupnp/ngiflib/issues/6 • CWE-125: Out-of-bounds Read •