Transmissionbt Transmission — known CVE vulnerabilities
Every CVE whose affected-product data names Transmissionbt Transmission, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2010-0748 — CVSS 9.8 (critical): Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large…
CVE-2018-5702 — CVSS 8.8 (high): Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows…
CVE-2010-0012 — CVSS 8.8 (high): Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to…
CVE-2018-10756 — CVSS 7.8 (high): Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or…
CVE-2012-6129 — CVSS 7.5 (high): Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers…
CVE-2009-1757 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the…
CVE-2010-1853 — CVSS 6.8 (medium): Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote…
CVE-2014-4909 — CVSS 6.8 (medium): Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause…
CVE-2010-0749 — CVSS 5.3 (medium): Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.
CVE-2012-4037 — CVSS 2.6 (low): Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject…