Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
torproject tor vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2020-10592
Tor prior to 0.3.5.10, 0.4.x prior to 0.4.1.9, and 0.4.2.x prior to 0.4.2.7 allows remote malicious users to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.
Torproject Tor
Opensuse Backports Sle-15
Opensuse Leap 15.1
668
VMScore
CVE-2018-16983
NoScript Classic prior to 5.1.8.7, as used in Tor Browser 7.x and other products, allows malicious users to bypass script blocking via the text/html;/json Content-Type value.
Noscript Noscript
Torproject Tor Browser
516
VMScore
CVE-2014-5117
Tor prior to 0.2.4.23 and 0.2.5 prior to 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote malicious users to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a ...
Torproject Tor 0.0.2
Torproject Tor 0.0.3
Torproject Tor 0.0.4
Torproject Tor 0.0.7.2
Torproject Tor 0.0.7.3
Torproject Tor 0.0.9.5
Torproject Tor 0.0.9.6
Torproject Tor 0.1.0.14
Torproject Tor 0.1.0.15
Torproject Tor 0.1.1.24
Torproject Tor 0.1.1.25
Torproject Tor 0.1.2.18
Torproject Tor 0.1.2.19
Torproject Tor 0.2.2.19
Torproject Tor 0.2.2.20
Torproject Tor 0.2.2.27
Torproject Tor 0.2.2.28
Torproject Tor 0.2.2.35
Torproject Tor 0.2.2.36
Torproject Tor 0.2.3.17
Torproject Tor 0.2.3.18
Torproject Tor 0.2.4.1
505
VMScore
CVE-2018-0491
A use-after-free issue exists in Tor 0.3.2.x prior to 0.3.2.10. It allows remote malicious users to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.
Torproject Tor
1 EDB exploit
447
VMScore
CVE-2012-4922
The tor_timegm function in common/util.c in Tor prior to 0.2.2.39, and 0.2.3.x prior to 0.2.3.22-rc, does not properly validate time values, which allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a di...
Torproject Tor
Torproject Tor 0.2.2.30
Torproject Tor 0.2.2.29
Torproject Tor 0.2.2.22
Torproject Tor 0.2.2.21
Torproject Tor 0.2.0.32
Torproject Tor 0.2.0.31
Torproject Tor 0.1.2.13
Torproject Tor 0.1.1.26
Torproject Tor 0.1.0.17
Torproject Tor 0.1.0.16
Torproject Tor 0.0.9.10
Torproject Tor 0.0.9.9
Torproject Tor 0.0.9.8
Torproject Tor 0.0.9.1
Torproject Tor 0.2.2.37
Torproject Tor 0.2.2.36
Torproject Tor 0.2.2.35
Torproject Tor 0.2.2.28
Torproject Tor 0.2.2.27
Torproject Tor 0.2.2.20
Torproject Tor 0.2.2.19
445
VMScore
CVE-2021-38385
Tor prior to 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.
Torproject Tor
445
VMScore
CVE-2021-34549
An issue exists in Tor prior to 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.
Torproject Tor
445
VMScore
CVE-2021-34550
An issue exists in Tor prior to 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descriptor
Torproject Tor
445
VMScore
CVE-2021-34548
An issue exists in Tor prior to 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.
Torproject Tor
445
VMScore
CVE-2021-28089
Tor prior to 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
Torproject Tor 0.4.4.1
Torproject Tor 0.4.4.0
Torproject Tor
Torproject Tor 0.4.4.2
Torproject Tor 0.4.4.3
Fedoraproject Fedora 33
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »