Filtered by vendor Readymedia Project
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-28926 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2022-08-05 | 7.5 HIGH | 9.8 CRITICAL |
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. | |||||
CVE-2022-26505 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2022-06-03 | 4.3 MEDIUM | 7.4 HIGH |
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. | |||||
CVE-2013-2738 | 1 Readymedia Project | 1 Readymedia | 2019-11-04 | 7.5 HIGH | 9.8 CRITICAL |
minidlna has SQL Injection that may allow retrieval of arbitrary files | |||||
CVE-2013-2739 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2019-11-04 | 7.5 HIGH | 9.8 CRITICAL |
MiniDLNA has heap-based buffer overflow |