Filter
AND

Software

tor (the onion router)
48

Tor (The Onion Router)Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes n…

medium
5
First published (updated )
CVE-2006-3416

Tor (The Onion Router)Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could all…

medium
6.4
First published (updated )
CVE-2006-3417

Tor (The Onion Router)Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry r…

medium
5.1
First published (updated )
CVE-2009-0654

Tor (The Onion Router)Infoleak

medium
4.3
First published (updated )
CVE-2011-4895

Tor (The Onion Router)The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the…

medium
5
First published (updated )
CVE-2006-3413

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tor (The Onion Router)Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attack…

medium
6.4
First published (updated )
CVE-2006-3415

Tor (The Onion Router)Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identi…

medium
5
First published (updated )
CVE-2006-3418

Tor (The Onion Router)Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographicall…

medium
5
First published (updated )
CVE-2006-3419

Tor (The Onion Router)TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than …

medium
6.4
First published (updated )
CVE-2006-3411

Tor (The Onion Router)Infoleak

medium
4.3
First published (updated )
CVE-2011-4896

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tor (The Onion Router)Infoleak

medium
5
First published (updated )
CVE-2010-0385

Tor (The Onion Router)Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certa…

medium
5
First published (updated )
CVE-2005-2643

Tor (The Onion Router)Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and po…

medium
5
First published (updated )
CVE-2005-2050

Tor (The Onion Router)Tor allows remote attackers to discover the IP address of a hidden service by accessing this service…

medium
5
First published (updated )
CVE-2006-6893

Tor (The Onion Router)Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) Sc…

medium
4
First published (updated )
CVE-2006-4508

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tor (The Onion Router)Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote a…

medium
5
First published (updated )
CVE-2006-3408

Tor (The Onion Router)Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via …

medium
6.4
First published (updated )
CVE-2006-3407

Tor (The Onion Router)Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attacke…

medium
6.4
First published (updated )
CVE-2006-3412

Tor (The Onion Router)Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, whic…

medium
5
First published (updated )
CVE-2006-3414

Tor (The Onion Router)Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit node…

medium
5
First published (updated )
CVE-2006-3410

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tor (The Onion Router)Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server t…

medium
5
First published (updated )
CVE-2006-0414

Tor (The Onion Router)Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost p…

medium
5.8
First published (updated )
CVE-2007-4174

Tor (The Onion Router)Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard …

medium
5.8
First published (updated )
CVE-2007-4099

Tor (The Onion Router)Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which al…

medium
6.4
First published (updated )
CVE-2007-4097

Tor (The Onion Router)Buffer Overflow

medium
5.8
First published (updated )
CVE-2007-4096

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Tor (The Onion Router)Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allo…

medium
5.8
First published (updated )
CVE-2007-4098

Tor (The Onion Router)Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who …

medium
4.3
First published (updated )
CVE-2007-1103

Tor (The Onion Router)The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0…

medium
5
First published (updated )
CVE-2009-2426

Tor (The Onion Router)Input Validation

medium
5
First published (updated )
CVE-2009-2425

Tor (The Onion Router)Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of servi…

medium
5
First published (updated )
CVE-2009-0937

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203