Bittorrent

bittorrent

13 CVEs • 4 products

Products (4)

Click to collapse

Toggle

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-25044 1Bittorrent 1Utorrent Nov 21, 2024 Jun 17, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be...Show more A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.Show less
CVE-2018-25043 1Bittorrent 1Utorrent Nov 21, 2024 Jun 17, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploi...Show more A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.Show less
CVE-2018-25042 1Bittorrent 1Utorrent Nov 21, 2024 Jun 17, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade t...Show more A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component.Show less
CVE-2020-8437 1Bittorrent 1Utorrent Nov 21, 2024 Mar 2, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service.
CVE-2015-5685 1Bittorrent 1Bootstrap Dht May 6, 2026 Aug 13, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing."
CVE-2015-5474 2Bittorrent Utorrent 2Bittorrent Utorrent May 6, 2026 Aug 13, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol.
CVE-2015-2846 1Bittorrent 1Sync May 6, 2026 Apr 13, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link.
CVE-2014-8515 1Bittorrent 1Bittorrent May 6, 2026 Dec 12, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The web interface in BitTorrent allows remote attackers to execute arbitrary commands by leveraging knowledge of the pairing values and a crafted request to port 10000.
CVE-2014-8509 1Bittorrent 1Bootstrap Dht May 6, 2026 Oct 31, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing."
CVE-2008-7166 2Bittorrent Utorrent 2Bittorrent Utorrent Apr 23, 2026 Sep 4, 2009 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumption and crash) via a cr...Show more Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted Range header. NOTE: this is probably a different vulnerability than CVE-2008-0071 and CVE-2008-0364.Show less
CVE-2008-4434 2Bittorrent Utorrent 2Bittorrent Utorrent Apr 23, 2026 Oct 3, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi...Show more Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .torrent file.Show less
CVE-2008-0071 2Bittorrent Utorrent 2Bittorrent Utorrent Apr 23, 2026 Jun 16, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) uTorrent before 1.8beta build 10524 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a malformed Ran...Show more The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) uTorrent before 1.8beta build 10524 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a malformed Range header.Show less
CVE-2008-0364 2Bittorrent Utorrent 2Bittorrent Utorrent Apr 23, 2026 Jan 18, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service (application cras...Show more Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service (application crash) via a long Unicode string representing a client version identifier.Show less