Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
torproject tor vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2016-1254
Tor prior to 0.2.8.12 might allow remote malicious users to cause a denial of service (client crash) via a crafted hidden service descriptor.
Torproject Tor
Opensuse Project Leap 42.1
Debian Debian Linux 8.0
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Debian Debian Linux 9.0
Opensuse Leap 42.2
Opensuse Opensuse 13.2
445
VMScore
CVE-2017-0377
Tor 0.3.x prior to 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote malicious users to defeat intended anonymity properties by leveraging the existence of large families.
Torproject Tor 0.3.0.5
Torproject Tor 0.3.0.4
Torproject Tor 0.3.0.3
Torproject Tor 0.3.0.2
Torproject Tor 0.3.0.8
Torproject Tor 0.3.0.6
Torproject Tor 0.3.0.1
Torproject Tor 0.3.0.7
445
VMScore
CVE-2017-0376
The hidden-service feature in Tor prior to 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.
Torproject Tor
Debian Debian Linux 9.0
Debian Debian Linux 8.0
445
VMScore
CVE-2017-0375
The hidden-service feature in Tor prior to 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
Torproject Tor
445
VMScore
CVE-2016-8860
Tor prior to 0.2.8.9 and 0.2.9.x prior to 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote malicious users to cause a ...
Torproject Tor 0.2.9.3
Torproject Tor 0.2.9.0
Torproject Tor
Torproject Tor 0.2.9.2
Torproject Tor 0.2.9.1
445
VMScore
CVE-2012-2249
Tor prior to 0.2.3.23-rc allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a renegotiation attempt that occurs after the initiation of the V3 link protocol.
Torproject Tor 0.2.0.33
Torproject Tor 0.1.1.22
Torproject Tor 0.0.9.4
Torproject Tor 0.2.2.35
Torproject Tor 0.2.2.29
Torproject Tor 0.0.9.1
Torproject Tor 0.1.1.20
Torproject Tor 0.0.2
Torproject Tor 0.2.0.35
Torproject Tor 0.2.2.32
Torproject Tor 0.0.3
Torproject Tor 0.1.1.23
Torproject Tor 0.2.2.24
Torproject Tor 0.2.2.37
Torproject Tor 0.1.0.14
Torproject Tor 0.1.2.15
Torproject Tor
Torproject Tor 0.2.2.21
Torproject Tor 0.2.3.13
Torproject Tor 0.0.6.1
Torproject Tor 0.0.8.1
Torproject Tor 0.1.0.11
445
VMScore
CVE-2012-2250
Tor prior to 0.2.3.24-rc allows remote malicious users to cause a denial of service (assertion failure and daemon exit) by performing link protocol negotiation incorrectly.
Torproject Tor 0.2.0.33
Torproject Tor 0.1.1.22
Torproject Tor 0.0.9.4
Torproject Tor 0.2.2.35
Torproject Tor 0.2.2.29
Torproject Tor 0.0.9.1
Torproject Tor 0.1.1.20
Torproject Tor 0.0.2
Torproject Tor
Torproject Tor 0.2.0.35
Torproject Tor 0.2.2.32
Torproject Tor 0.0.3
Torproject Tor 0.1.1.23
Torproject Tor 0.2.2.24
Torproject Tor 0.2.2.37
Torproject Tor 0.1.0.14
Torproject Tor 0.1.2.15
Torproject Tor 0.2.2.21
Torproject Tor 0.2.3.13
Torproject Tor 0.0.6.1
Torproject Tor 0.0.8.1
Torproject Tor 0.1.0.11
445
VMScore
CVE-2012-5573
The connection_edge_process_relay_cell function in or/relay.c in Tor prior to 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote malicious users to cause a denial of service (memory consumption or excessive cell reception rate) or bypa...
Torproject Tor 0.2.3.21
Torproject Tor 0.2.3.20
Torproject Tor 0.2.3.19
Torproject Tor 0.2.3.13
Torproject Tor 0.2.2.19
Torproject Tor 0.2.2.28
Torproject Tor 0.2.2.27
Torproject Tor 0.2.2.35
Torproject Tor 0.2.2.32
Torproject Tor 0.2.0.31
Torproject Tor 0.2.0.32
Torproject Tor 0.1.0.12
Torproject Tor 0.1.0.14
Torproject Tor 0.1.1.24
Torproject Tor 0.1.1.23
Torproject Tor 0.0.2
Torproject Tor 0.2.3.23
Torproject Tor 0.2.3.22
Torproject Tor 0.2.3.14
Torproject Tor 0.2.3
Torproject Tor 0.2.2.21
Torproject Tor 0.2.2.22
445
VMScore
CVE-2012-4419
The compare_tor_addr_to_addr_policy function in or/policies.c in Tor prior to 0.2.2.39, and 0.2.3.x prior to 0.2.3.21-rc, allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled durin...
Torproject Tor 0.2.2.34
Torproject Tor 0.2.2.31
Torproject Tor 0.2.2.25
Torproject Tor 0.2.2.24
Torproject Tor 0.2.0.35
Torproject Tor 0.2.0.34
Torproject Tor 0.2.0.33
Torproject Tor 0.1.2.16
Torproject Tor 0.1.2.15
Torproject Tor 0.1.1.22
Torproject Tor 0.1.1.21
Torproject Tor 0.1.0.12
Torproject Tor 0.1.0.11
Torproject Tor 0.1.0.10
Torproject Tor 0.0.9.4
Torproject Tor 0.0.9.3
Torproject Tor 0.0.7
Torproject Tor 0.0.6.2
Torproject Tor 0.0.2
Torproject Tor 0.2.3.18
Torproject Tor 0.2.3.17
Torproject Tor
383
VMScore
CVE-2020-15572
Tor prior to 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001.
Torproject Tor
Torproject Tor 0.4.4.0
Torproject Tor 0.4.4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »