Vulnerabilities > Bittorrent
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-17 | CVE-2018-25042 | Out-of-bounds Write vulnerability in Bittorrent Utorrent A vulnerability classified as critical has been found in uTorrent. | 6.8 |
| 2022-06-17 | CVE-2018-25043 | Improper Authentication vulnerability in Bittorrent Utorrent A vulnerability classified as critical was found in uTorrent. | 6.8 |
| 2022-06-17 | CVE-2018-25044 | Improper Privilege Management vulnerability in Bittorrent Utorrent A vulnerability, which was classified as critical, has been found in uTorrent. | 6.8 |
| 2020-03-02 | CVE-2020-8437 | NULL Pointer Dereference vulnerability in Bittorrent Utorrent The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service. | 5.0 |
| 2015-08-13 | CVE-2015-5685 | Improper Input Validation vulnerability in Bittorrent Bootstrap-Dht The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing." | 7.5 |
| 2015-08-13 | CVE-2015-5474 | Command Injection vulnerability in multiple products BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol. | 9.3 |
| 2015-04-13 | CVE-2015-2846 | Command Injection vulnerability in Bittorrent Sync BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link. | 9.3 |
| 2014-12-12 | CVE-2014-8515 | Command Injection vulnerability in Bittorrent The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging knowledge of the pairing values and a crafted request to port 10000. | 6.8 |
| 2014-10-31 | CVE-2014-8509 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bittorrent Bootstrap-Dht The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing." | 7.5 |
| 2009-09-04 | CVE-2008-7166 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted Range header. | 5.0 |