Aggregates CVE and security vulnerability intelligence across all winny-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk input validation and vendor risk buffer overflow; exposure may include vendor impact unexpected behavior in vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-2362 | Winny 2.0b7.1 and earlier does not properly process node information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks. | [email protected] | 10.0 | 0.35% | 2010-08-25 | 2026-04-29 |
| CVE-2010-2361 | Winny 2.0b7.1 and earlier does not properly process BBS information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks. | [email protected] | 10.0 | 0.35% | 2010-08-25 | 2026-04-29 |
| CVE-2006-2007 | Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port. | [email protected] | 7.5 | 10.67% | 2006-04-25 | 2026-04-16 |