Lucene search
K

32 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-10756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary...

7.8CVSS7.6AI score0.02632EPSS
Exploits2References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.5 views

SUSE CVE-2007-2809

Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274...

9.3CVSS8.1AI score0.06314EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.2 views

SUSE CVE-2007-3929

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...

9.3CVSS8AI score0.06466EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.1 views

SUSE CVE-2018-10756

Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted torrent file...

7.8CVSS7.9AI score0.02632EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.4 views

SUSE CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.1CVSS6.2AI score0.00736EPSS
Exploits1References3
Gentoo Linux
Gentoo Linux
added 2022/10/16 12:0 a.m.29 views

Deluge: Cross-Site Scripting

Background Deluge is a BitTorrent client. Description Deluge does not sufficiently sanitize crafted torrent file data, leading to the application interpreting untrusted data as HTML. Impact An attacker can achieve XSS via a crafted torrent file. Workaround There is no known workaround at this tim...

6.1CVSS1.4AI score0.00736EPSS
Exploits1
OSV
OSV
added 2022/08/27 12:0 a.m.18 views

GHSA-5C8P-QHCH-QHX6 Deluge Web-UI vulnerable to XSS through a crafted torrent file

The Deluge Web-UI is vulnerable to cross-site scripting through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context ...

6.1CVSS5.9AI score0.00736EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/08/27 12:0 a.m.48 views

Deluge Web-UI vulnerable to XSS through a crafted torrent file

The Deluge Web-UI is vulnerable to cross-site scripting through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context ...

6.1CVSS6AI score0.00736EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2022/08/26 4:15 p.m.13 views

CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.1CVSS0.00736EPSS
Exploits1References3
OSV
OSV
added 2022/08/26 4:15 p.m.21 views

CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.1CVSS6.1AI score
Exploits0References3
AlpineLinux
AlpineLinux
added 2022/08/26 4:15 p.m.29 views

CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

5.8CVSS0.4AI score0.00736EPSS
Exploits1
OSV
OSV
added 2022/08/26 4:15 p.m.20 views

PYSEC-2022-256

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.1CVSS0.4AI score0.00736EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/08/26 12:0 a.m.32 views

CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.2AI score0.00736EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/08/02 12:0 a.m.10 views

Debian: Security Advisory (DLA-2305-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.02632EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.27 views

GLSA-202007-07 : Transmission: Remote code execution

The remote host is affected by the vulnerability described in GLSA-202007-07 Transmission: Remote code execution Transmission mishandles some memory management which may allow manipulation of the heap. Impact : A remote attacker could entice a user to open a specially crafted torrent file using...

7.8CVSS8AI score0.02632EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.25 views

Amazon Linux AMI : transmission (ALAS-2020-1399)

The version of transmission installed on the remote host is prior to 3.00-1.1. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1399 advisory. Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service...

7.8CVSS8.1AI score0.02632EPSS
Exploits2References3
OSV
OSV
added 2020/05/27 9:52 a.m.3 views

MGASA-2020-0235 Updated transmission packages fix security vulnerability

Updated transmission packages fix security vulnerability: Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted torrent file CVE-2018-10756...

7.8CVSS8.1AI score0.02632EPSS
Exploits2References3
Mageia
Mageia
added 2020/05/27 9:52 a.m.32 views

Updated transmission packages fix security vulnerability

Updated transmission packages fix security vulnerability: Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted torrent file CVE-2018-10756...

7.8CVSS7.8AI score0.02632EPSS
Exploits2References2
NVD
NVD
added 2020/05/15 4:15 p.m.20 views

CVE-2018-10756

Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted torrent file...

7.8CVSS7.9AI score0.02632EPSS
Exploits2References7
OSV
OSV
added 2020/05/15 4:15 p.m.144 views

CVE-2018-10756

Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted torrent file...

7.8CVSS8AI score0.02632EPSS
Exploits2References7
Rows per page
Query Builder