Vulnerabilities > Transmissionbt > Transmission > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-15 | CVE-2018-10756 | Use After Free vulnerability in multiple products Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. | 7.8 |
| 2018-01-15 | CVE-2018-5702 | Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack. | 8.8 |
| 2010-01-08 | CVE-2010-0012 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. | 8.8 |