Vulnerabilities > Vuze
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-13 | CVE-2018-13417 | XXE vulnerability in Vuze Bittorrent Client 5.7.6.0 In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. | 7.5 |
| 2009-04-03 | CVE-2008-6587 | Cross-Site Request Forgery (CSRF) vulnerability in Vuze 0.7.6 Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter. | 6.8 |