Skip to main content

Deluge

4 CVEs product

Monthly

CVE-2019-25586 PyPI MEDIUM POC This Month

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Deluge
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2019-25585 PyPI MEDIUM POC This Month

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Deluge
NVD Exploit-DB VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2017-9031 CRITICAL PATCH Act Now

The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Deluge
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-7178 HIGH POC PATCH This Week

CSRF was discovered in the web UI in Deluge before 1.3.14. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Deluge Debian Linux
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
1.2%
EPSS 0% CVSS 6.2
MEDIUM POC This Month

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Deluge
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.2
MEDIUM POC This Month

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Deluge
NVD Exploit-DB VulDB
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Deluge
NVD
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

CSRF was discovered in the web UI in Deluge before 1.3.14. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Deluge Debian Linux
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy