Aggregates CVE and security vulnerability intelligence across all xunlei-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk buffer overflow, with potential vendor impact application crash and vendor impact memory corruption across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-2224 | Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability." | [email protected] | 7.5 | 1.89% | 2012-04-11 | 2026-04-29 |
| CVE-2007-6144 | Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information. | [email protected] | 6.0 | 9.49% | 2007-11-27 | 2026-04-23 |
| CVE-2007-5064 | Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information. | [email protected] | 6.8 | 6.28% | 2007-09-24 | 2026-04-23 |
| CVE-2007-3296 | The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods. | [email protected] | 9.3 | 0.91% | 2007-06-20 | 2026-04-23 |