CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-24221
https://notcve.org/view.php?id=CVE-2020-24221
11 Aug 2023 — An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop). • https://github.com/miniupnp/ngiflib/issues/17 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39113
https://notcve.org/view.php?id=CVE-2023-39113
02 Aug 2023 — ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. This vulnerability is triggered when running the program gif2tga. • https://github.com/miniupnp/ngiflib/issues/27 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39114
https://notcve.org/view.php?id=CVE-2023-39114
02 Aug 2023 — ngiflib commit 84a75 was discovered to contain a segmentation violation via the function SDL_LoadAnimatedGif at ngiflibSDL.c. This vulnerability is triggered when running the program SDLaffgif. • https://github.com/miniupnp/ngiflib/issues/29 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37748
https://notcve.org/view.php?id=CVE-2023-37748
19 Jul 2023 — ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c. • https://github.com/miniupnp/ngiflib • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-30858
https://notcve.org/view.php?id=CVE-2022-30858
17 Jul 2023 — An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0 • https://github.com/Marsman1996/pocs/blob/master/ngiflib/CVE-2022-30858/README.md • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-36530
https://notcve.org/view.php?id=CVE-2021-36530
27 Aug 2021 — ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffer without checking the boundary. ngiflib versión 0.4, presenta un desbordamiento de la pila en la función GetByteStr() en el archivo ngiflib.c:108 en modo NGIFLIB_NO_FILE, la función GetByteStr() copia el buffer de memoria sin comprobar el límite. • https://github.com/miniupnp/ngiflib/issues/19 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-36531
https://notcve.org/view.php?id=CVE-2021-36531
27 Aug 2021 — ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer without checking the boundary. ngiflib versión 0.4, presenta un desbordamiento de la pila en la función GetByte() en el archivo ngiflib.c:70 en modo NGIFLIB_NO_FILE, la función GetByte() lee el buffer de memoria sin comprobar el límite. • https://github.com/miniupnp/ngiflib/issues/18 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-20219
https://notcve.org/view.php?id=CVE-2019-20219
02 Jan 2020 — ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. ngiflib versión 0.4, tiene una lectura excesiva de búfer en la región heap de la memoria en la función GifIndexToTrueColor en el archivo ngiflib.c. • https://github.com/miniupnp/ngiflib/issues/15 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19011
https://notcve.org/view.php?id=CVE-2019-19011
16 Nov 2019 — MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. MiniUPnP ngiflib versión 0.4, tiene una desreferencia del puntero NULL en la función GifIndexToTrueColor en el archivo ngiflib.c por medio de un archivo que le falta una paleta. • https://github.com/miniupnp/ngiflib/issues/16 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2013-2600
https://notcve.org/view.php?id=CVE-2013-2600
01 Nov 2019 — MiniUPnPd has information disclosure use of snprintf() MiniUPnPd, presenta una divulgación de información en el uso de la función snprintf(). • http://archives.neohapsis.com/archives/bugtraq/2013-07/0085.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •