Filter
AND
Tor (The Onion Router)Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack v…
10
First published (updated )
Tor (The Onion Router)Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors th…
10
First published (updated )
Tor (The Onion Router)Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration opt…
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Tor (The Onion Router)Buffer Overflow, Integer Overflow
7.5
First published (updated )
Tor (The Onion Router)Tor before 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, whic…
7.2
First published (updated )
Tor (The Onion Router)TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than …
6.4
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via …
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Tor (The Onion Router)Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attacke…
6.4
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attack…
6.4
First published (updated )
Tor (The Onion Router)Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could all…
6.4
First published (updated )
Tor (The Onion Router)Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which al…
6.4
First published (updated )
Tor (The Onion Router)Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost p…
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Tor (The Onion Router)Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard …
5.8
First published (updated )
Tor (The Onion Router)Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allo…
5.8
First published (updated )
Tor (The Onion Router)Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of…
5.8
First published (updated )
Tor (The Onion Router)Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry r…
5.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Tor (The Onion Router)Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certa…
First published (updated )
Tor (The Onion Router)Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and po…
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server t…
First published (updated )
Tor (The Onion Router)Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote a…
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographicall…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Tor (The Onion Router)The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the…
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identi…
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes n…
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, whic…
First published (updated )
Tor (The Onion Router)Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit node…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.