Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tor tor 0.1.2.14 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4174
Tor prior to 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote malicious users to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing comman...
Tor Tor
Tor Tor 0.1.2.8
Tor Tor 0.1.2.7
Tor Tor 0.1.2.10
Tor Tor 0.1.2.9
Tor Tor 0.1.2.1
Tor Tor 0.1.2.2
Tor Tor 0.1.2.14
Tor Tor 0.1.2.13
Tor Tor 0.1.2.6
Tor Tor 0.1.2.5
Tor Tor 0.1.2.12
Tor Tor 0.1.2.11
Tor Tor 0.1.2.4
Tor Tor 0.1.2.3
2 EDB exploits
NA
CVE-2007-4099
Tor prior to 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks.
Tor Tor 0.1.0.10
Tor Tor 0.1.1.20
Tor Tor 0.1.1.23
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.0.18
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.1.1.1 Alpha
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.2.14
NA
CVE-2007-4096
Buffer overflow in Tor prior to 0.1.2.15, when using BSD natd support, allows remote malicious users to cause a denial of service via unspecified vectors.
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.1 Alpha
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.2.14
Tor Tor 0.1.0.10
Tor Tor 0.1.1.20
Tor Tor 0.1.1.23
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.0.18
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
NA
CVE-2007-4097
Tor prior to 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote malicious users to obtain sensitive information, contrary to specifications.
Tor Tor 0.1.1.1 Alpha
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.0.10
Tor Tor 0.1.0.11
Tor Tor 0.1.1.20
Tor Tor 0.1.1.23
Tor Tor 0.1.0.12
Tor Tor 0.1.0.13
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.0.14
Tor Tor 0.1.0.18
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.1.2.14
NA
CVE-2007-4098
Tor prior to 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams.
Tor Tor 0.1.0.10
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.1.20
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.23
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.0.18
Tor Tor 0.1.1.1 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.1.2.14
NA
CVE-2007-3165
Tor prior to 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers.
Tor Tor 0.0.9.2
Tor Tor 0.0.9.3
Tor Tor 0.1.0.11
Tor Tor 0.1.0.12
Tor Tor 0.1.1.3 Alpha
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.0.9.1
Tor Tor 0.0.9.10
Tor Tor 0.0.9.8
Tor Tor 0.0.9.9
Tor Tor 0.1.0.10
Tor Tor 0.1.1.20
Tor Tor 0.1.1.23
Tor Tor 0.0.9.4
Tor Tor 0.0.9.5
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.1.1.5 Alpha
Tor Tor 0.1.2.1 Alpha-cvs
Tor Tor 0.0.9
Tor Tor 0.0.9.6
Tor Tor 0.0.9.7
NA
CVE-2008-5397
Tor prior to 0.2.0.32 does not properly process the (1) User and (2) Group configuration options, which might allow local users to gain privileges by leveraging unintended supplementary group memberships of the Tor process.
Tor Tor 0.0.7.1
Tor Tor 0.0.7
Tor Tor 0.0.6.2
Tor Tor 0.0.2 Pre26
Tor Tor 0.0.2 Pre25
Tor Tor 0.0.9.8
Tor Tor 0.0.9.9
Tor Tor 0.0.9.10
Tor Tor 0.0.2 Pre21
Tor Tor 0.0.2 Pre20
Tor Tor 0.0.2 Pre13
Tor Tor 0.1.1.7
Tor Tor 0.1.1.6 Alpha
Tor Tor 0.1.1.26
Tor Tor 0.1.1.6
Tor Tor 0.1.0.5
Tor Tor 0.1.0.8
Tor Tor 0.1.0.15
Tor Tor 0.1.0.18
Tor Tor 0.1.1.2
Tor Tor 0.1.1.2 Alpha
Tor Tor 0.1.1.12
NA
CVE-2008-5398
Tor prior to 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an unknown impact by mapping an internal IP address to th...
Tor Tor 0.0.7.1
Tor Tor 0.0.7
Tor Tor 0.0.2 Pre27
Tor Tor 0.0.2 Pre26
Tor Tor 0.1.0.10
Tor Tor 0.0.9.8
Tor Tor 0.0.9.9
Tor Tor 0.0.9.1
Tor Tor 0.0.9.10
Tor Tor 0.0.2 Pre19
Tor Tor 0.0.2 Pre20
Tor Tor 0.1.1.7
Tor Tor 0.1.1.6 Alpha
Tor Tor 0.1.1.3
Tor Tor 0.1.1.26
Tor Tor 0.1.0.6
Tor Tor 0.1.0.5
Tor Tor 0.0.8.1
Tor Tor 0.0.8
Tor Tor 0.0.6
Tor Tor 0.0.5
Tor Tor 0.1.0.14
NA
CVE-2010-0383
Tor prior to 0.2.1.22, and 0.2.2.x prior to 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle malicious users to compromise the anonymity of traffic sources and destinations.
Tor Tor 0.2.1.1.13
Tor Tor 0.2.1.1.14
Tor Tor 0.2.1.1.21
Tor Tor 0.0.9
Tor Tor 0.0.6.1
Tor Tor 0.0.6
Tor Tor 0.1.0.13
Tor Tor 0.1.0.14
Tor Tor 0.0.9.6
Tor Tor 0.0.9.7
Tor Tor 0.1.2.13
Tor Tor 0.1.2.10
Tor Tor 0.1.1
Tor Tor 0.0.2 Pre18
Tor Tor 0.0.2 Pre16
Tor Tor 0.0.2
Tor Tor 0.1.1.8
Tor Tor 0.1.1.8 Alpha
Tor Tor 0.1.1.4
Tor Tor 0.1.1.4 Alpha
Tor Tor 0.1.0.6
Tor Tor 0.1.0.16
NA
CVE-2010-0385
Tor prior to 0.2.1.22, and 0.2.2.x prior to 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote malicious users to obtain sensitive information about bridge identities and bridge descriptors via a dbg-stability.txt directory query.
Tor Tor 0.2.1.1.12
Tor Tor 0.2.1.1.13
Tor Tor 0.2.1.1.14
Tor Tor 0.2.1.1.15
Tor Tor 0.2.1.1.16
Tor Tor 0.0.6.2
Tor Tor 0.0.6.1
Tor Tor 0.0.6
Tor Tor 0.0.5
Tor Tor 0.0.9.6
Tor Tor 0.0.9.7
Tor Tor 0.0.9.4
Tor Tor 0.0.9.5
Tor Tor 0.1.1
Tor Tor 0.0.2 Pre18
Tor Tor 0.0.2 Pre19
Tor Tor 0.2.1.1.21
Tor Tor 0.0.9
Tor Tor 0.0.8.1
Tor Tor 0.0.8
Tor Tor 0.0.2 Pre25
Tor Tor 0.1.0.13
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »