Lucene search
K

12 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2018-0230)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.11926EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/06/20 12:0 a.m.21 views

GLSA-201806-07 : Transmission: Remote code execution

The remote host is affected by the vulnerability described in GLSA-201806-07 Transmission: Remote code execution A vulnerability was discovered in how Transmission handles access control through the X-Transmission-Session-Id. Impact : A remote attacker could execute arbitrary RFC commands or...

8.8CVSS8.7AI score0.11926EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/03/14 12:0 a.m.28 views

Fedora Update for transmission FEDORA-2018-b166805347

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.11926EPSS
Exploits1References2
Amazon
Amazon
added 2018/02/07 12:0 a.m.21 views

Medium: transmission

Issue Overview: Transmission relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a D...

8.8CVSS9.3AI score0.11926EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/01/21 12:0 a.m.19 views

Debian: Security Advisory (DLA-1246-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.11926EPSS
Exploits1References3
Debian
Debian
added 2018/01/18 10:51 p.m.23 views

[SECURITY] [DLA 1246-1] transmission security update

Package : transmission Version : 2.52-3+nmu3 CVE ID : CVE-2018-5702 Debian Bug : 886990 Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent client; insecure RPC handling between the Transmission daemon and the client interfaces may result in the execution of arbitrary code if ...

8.8CVSS9.2AI score0.11926EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/01/18 12:0 a.m.27 views

Fedora 27 : transmission (2018-d1e263e68e)

Security fix for CVE-2018-5702 Mitigate dns rebinding attacks against daemon Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

8.8CVSS8.1AI score0.11926EPSS
Exploits1References2
ArchLinux
ArchLinux
added 2018/01/17 12:0 a.m.34 views

[ASA-201801-13] transmission-cli: arbitrary command execution

Arch Linux Security Advisory ASA-201801-13 ========================================== Severity: High Date : 2018-01-17 CVE-ID : CVE-2018-5702 Package : transmission-cli Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-588 Summary ======= The package...

8.8CVSS1.4AI score0.11926EPSS
Exploits1References7
OSV
OSV
added 2018/01/15 4:29 p.m.2 views

DEBIAN-CVE-2018-5702

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

8.8CVSS8.9AI score0.11926EPSS
Exploits1References1
OSV
OSV
added 2018/01/15 4:29 p.m.67 views

CVE-2018-5702

Transmission through 2.92 relies on X-Transmission-Session-Id which is not a forbidden header for Fetch for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS...

8.8CVSS8AI score
Exploits0References7
CVE
CVE
added 2018/01/15 4:0 p.m.92 views

CVE-2018-5702

Transmission 2.92 and earlier versions rely on X-Transmission-Session-Id for access control, which is not a forbidden header for Fetch. This allows remote attackers to execute arbitrary RPC commands and write arbitrary files via POST to /transmission/rpc when combined with a DNS rebinding attack....

8.8CVSS8.8AI score0.11926EPSS
Exploits1References7Affected Software1
Circl
Circl
added 2018/01/11 12:0 a.m.28 views

CVE-2018-5702

creationtimestamp| type| source ---|---|--- 2018-01-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43665 2018-01-16 10:48:53+00:00| seen| https://t.me/SecLabNews/1303...

8.8CVSS8.2AI score0.11926EPSS
Exploits1References2
Rows per page
Query Builder