Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onionshare onionshare vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-41868
OnionShare 2.3 prior to 2.4 allows remote unauthenticated malicious users to upload files on a non-public node when using the --receive functionality.
Onionshare Onionshare
7.5
CVSSv3
CVE-2022-21689
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploads in the same second, which c...
Onionshare Onionshare
7
CVSSv3
CVE-2018-19960
The debug_mode function in web/web.py in OnionShare up to and including 1.3.1, when --debug is enabled, uses the /tmp/onionshare_server.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname.
Onionshare Onionshare
6.5
CVSSv3
CVE-2022-21693
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive that allows for filesystem access from the context of the Onionshare process can ac...
Onionshare Onionshare
5.5
CVSSv3
CVE-2022-21688
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service via an undisclosed vulnerability in the ...
Onionshare Onionshare
5.5
CVSSv3
CVE-2016-5026
hs.py in OnionShare prior to 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare directory.
Onionshare Onionshare
5.4
CVSSv3
CVE-2022-21690
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions The path parameter of the requested URL is not sanitized before being passed to the QT frontend. This path is use...
Onionshare Onionshare
5.3
CVSSv3
CVE-2022-21694
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. The website mode of the onionshare allows to use a hardened CSP, which will block any scripts and external resources. It is not possib...
Onionshare Onionshare
5.3
CVSSv3
CVE-2022-21695
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without being visible in the list of ch...
Onionshare Onionshare
5.3
CVSSv3
CVE-2021-41867
An information disclosure vulnerability in OnionShare 2.3 prior to 2.4 allows remote unauthenticated malicious users to retrieve the full list of participants of a non-public OnionShare node via the --chat feature.
Onionshare Onionshare
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »