Lucene search
K

37 matches found

EUVD
EUVD
added 3 days ago5 views

EUVD-2026-40290

Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via deeply nested bencoded input. bdecode recurses once per nested list or dictionary level with no depth cap, and each recursive call receives the remaining buffer by value while the list and dictionary branches captu...

7.5CVSS6AI score0.00263EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/12/05 12:0 a.m.6 views

Transmission Integer Overflow

2017 research from Google where Tavis found that transmission suffered from various integer overflows when parsing torrent files...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6550

Malware in sbrugna...

6.8CVSS6.4AI score0.00627EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-6549

Malware in sbrugna...

6.8CVSS6.4AI score0.02722EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-2269

Malware in sbrugna...

7.8CVSS6.2AI score0.08202EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-1755

Malware in sbrugna...

5.8CVSS6AI score0.0201EPSS
Exploits1References14
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.3 views

SUSE CVE-2009-1760

Directory traversal vulnerability in src/torrentinfo.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. dot dot and partial relative pathname in a Multiple...

5.8CVSS7AI score0.0201EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/08/26 4:15 p.m.26 views

CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.1CVSS6.6AI score0.00736EPSS
Exploits1References2
Prion
Prion
added 2022/08/26 4:15 p.m.13 views

Session fixation

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

5.8CVSS6.1AI score0.00736EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/08/26 4:15 p.m.1 views

UBUNTU-CVE-2021-3427

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's...

6.1CVSS6.6AI score0.00736EPSS
Exploits1References3
Hacker One
Hacker One
added 2020/08/27 8:23 a.m.14 views

Brave Software: Redirecting users to malicious torrent-files/websites using WebTorrent

Summary: An attacker can redirect a user to a malicious torrent file/website using a reverse tab-nabbbing flaw in WebTorrent. Description WebTorrent allows user to open files after download of while they are being downloaded directly from the browser F965466 An attacker can use this to redirect...

1.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/04 8:57 p.m.19 views

CVE-2008-5905

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request...

4.3CVSS7AI score0.02456EPSS
Exploits0References3
0day.today
0day.today
added 2018/02/27 12:0 a.m.18 views

Transmission Torrent Parsing Integer Overflows Exploit

Exploit for multiple platform in category dos / poc transmission: various integer overflow parsing torrent files I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype,...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.33 views

Transmission - Integer Overflows Parsing Torrent Files

I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype, nstructs \ structtype trmalloc sizeof structtype sizetnstructs define trnew0structtype, nstructs \ structtype...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/04/12 4:4 p.m.7 views

Ransomware Tactic Lures Via Copyright Scare

An ongoing ransomware campaign is pretending to be the fake ICPP Foundation icpp-online.com, where the ransomware locks down the user’s desktop issuing a “Copyright violation: copyrighted content detected” message which lists torrent files found on the infected PC and forces the user to pay $400...

0.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.27 views

Debian DSA-1967-1 : transmission - directory traversal

Dan Rosenberg discovered that Transmission, a lightwight client for the Bittorrent filesharing protocol, performs insufficient sanitising of file names specified in .torrent files. This could lead to the overwrite of local files with the privileges of the user running Transmission if the user is...

8.8CVSS7.8AI score0.04194EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2010/01/22 12:0 a.m.26 views

openSUSE Security Update : transmission (transmission-1777)

Specially crafted torrent files could overwrite arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update transmission-1777. The text description of this plugin is C SUSE LLC...

8.8CVSS8.6AI score0.04194EPSS
Exploits1References2
OSV
OSV
added 2010/01/08 5:30 p.m.3 views

CVE-2010-0012

Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. dot dot in a pathname within a .torrent file...

8.8CVSS8.5AI score
Exploits0References14
securityvulns
securityvulns
added 2010/01/08 12:0 a.m.37 views

Transmission bittorent client directory traversal

Directory traversal via .torrent files...

6.8CVSS4.5AI score0.04194EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2009/06/09 12:0 a.m.59 views

Rasterbar / libtorrent / firetorrent / qBittorrent / deluge Torrent directory traversal

Directory traversal on .torrent files processing...

5.8CVSS3.7AI score0.0201EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder