Vulnerabilities (CVE)

Filtered by vendor Readymedia Project Subscribe
Filtered by product Readymedia
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28926 2 Debian, Readymedia Project 2 Debian Linux, Readymedia 2022-08-06 7.5 HIGH 9.8 CRITICAL
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.
CVE-2022-26505 2 Debian, Readymedia Project 2 Debian Linux, Readymedia 2022-06-03 4.3 MEDIUM 7.4 HIGH
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.
CVE-2013-2738 1 Readymedia Project 1 Readymedia 2019-11-04 7.5 HIGH 9.8 CRITICAL
minidlna has SQL Injection that may allow retrieval of arbitrary files
CVE-2013-2739 2 Debian, Readymedia Project 2 Debian Linux, Readymedia 2019-11-04 7.5 HIGH 9.8 CRITICAL
MiniDLNA has heap-based buffer overflow