Skip to main content

Transmission

4 CVEs product

Monthly

CVE-2018-5702 HIGH POC THREAT This Week

Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Transmission Debian Linux
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
11.9%
CVE-2014-4909 MEDIUM POC This Month

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow Ubuntu Linux Fedora +2
NVD
CVSS 2.0
6.8
EPSS
9.2%
CVE-2012-6129 HIGH POC This Week

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Transmission Ubuntu Linux +1
NVD
CVSS 2.0
7.5
EPSS
2.7%
CVE-2012-4037 LOW POC PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

XSS Transmission
NVD
CVSS 2.0
2.6
EPSS
0.5%
EPSS 12% CVSS 8.8
HIGH POC THREAT This Week

Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Transmission Debian Linux
NVD GitHub Exploit-DB
EPSS 9% CVSS 6.8
MEDIUM POC This Month

Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow +4
NVD
EPSS 3% CVSS 7.5
HIGH POC This Week

Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE +3
NVD
EPSS 1% CVSS 2.6
LOW POC PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

XSS Transmission
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy