| Bug | Description |
|---|
| TEMP-0000000-BBBF43 | Crypto weakness in Tor's handshaking process |
| TEMP-0000000-3F0E00 | tor insufficient authentication on control port |
| CVE-2020-10593 | Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 ... |
| CVE-2019-8955 | In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5. ... |
| CVE-2018-0491 | A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. ... |
| CVE-2018-0490 | An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.1 ... |
| CVE-2017-8823 | In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ... |
| CVE-2017-8822 | In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ... |
| CVE-2017-8821 | In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ... |
| CVE-2017-8820 | In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ... |
| CVE-2017-8819 | In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ... |
| CVE-2017-0380 | The rend_service_intro_established function in or/rendservice.c in Tor ... |
| CVE-2017-0377 | Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only con ... |
| CVE-2017-0376 | The hidden-service feature in Tor before 0.3.0.8 allows a denial of se ... |
| CVE-2017-0375 | The hidden-service feature in Tor before 0.3.0.8 allows a denial of se ... |
| CVE-2016-8860 | Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal funct ... |
| CVE-2016-1254 | Tor before 0.2.8.12 might allow remote attackers to cause a denial of ... |
| CVE-2015-2929 | The Hidden Service (HS) client implementation in Tor before 0.2.4.27, ... |
| CVE-2015-2928 | The Hidden Service (HS) server implementation in Tor before 0.2.4.27, ... |
| CVE-2015-2689 | Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly hand ... |
| CVE-2015-2688 | buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not ... |
| CVE-2014-5117 | Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit ... |
| CVE-2013-7295 | Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a ce ... |
| CVE-2012-5573 | The connection_edge_process_relay_cell function in or/relay.c in Tor b ... |
| CVE-2012-4922 | The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0 ... |
| CVE-2012-4419 | The compare_tor_addr_to_addr_policy function in or/policies.c in Tor b ... |
| CVE-2012-3519 | routerlist.c in Tor before 0.2.2.38 uses a different amount of time fo ... |
| CVE-2012-3518 | The networkstatus_parse_vote_from_string function in routerparse.c in ... |
| CVE-2012-3517 | Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might all ... |
| CVE-2012-2250 | Tor before 0.2.3.24-rc allows remote attackers to cause a denial of se ... |
| CVE-2012-2249 | Tor before 0.2.3.23-rc allows remote attackers to cause a denial of se ... |
| CVE-2011-4897 | Tor before 0.2.2.25-alpha, when configured as a relay without the Nick ... |
| CVE-2011-4896 | Tor before 0.2.2.24-alpha continues to use a reachable bridge that was ... |
| CVE-2011-4895 | Tor before 0.2.2.34, when configured as a bridge, sets up circuits thr ... |
| CVE-2011-4894 | Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort ... |
| CVE-2011-2778 | Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remo ... |
| CVE-2011-2769 | Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE a ... |
| CVE-2011-2768 | Tor before 0.2.2.34, when configured as a client or bridge, sends a TL ... |
| CVE-2011-1924 | Buffer overflow in the policy_summarize function in or/policies.c in T ... |
| CVE-2011-0493 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remo ... |
| CVE-2011-0492 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote at ... |
| CVE-2011-0491 | The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2 ... |
| CVE-2011-0490 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to L ... |
| CVE-2011-0427 | Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0 ... |
| CVE-2011-0016 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properl ... |
| CVE-2011-0015 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properl ... |
| CVE-2010-1676 | Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0 ... |
| CVE-2010-0385 | Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functionin ... |
| CVE-2010-0384 | Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirr ... |
| CVE-2010-0383 | Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated ... |
| CVE-2009-2426 | The connection_edge_process_relay_cell_not_open function in src/or/rel ... |
| CVE-2009-2425 | Tor before 0.2.0.35 allows remote attackers to cause a denial of servi ... |
| CVE-2009-0939 | Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which h ... |
| CVE-2009-0938 | Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirr ... |
| CVE-2009-0937 | Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirr ... |
| CVE-2009-0936 | Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to c ... |
| CVE-2009-0414 | Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impac ... |
| CVE-2008-5398 | Tor before 0.2.0.32 does not properly process the ClientDNSRejectInter ... |
| CVE-2008-5397 | Tor before 0.2.0.32 does not properly process the (1) User and (2) Gro ... |
| CVE-2007-4174 | Tor before 0.1.2.16, when ControlPort is enabled, does not properly re ... |
| CVE-2007-4099 | Tor before 0.1.2.15 can select a guard node beyond the first listed ne ... |
| CVE-2007-4098 | Tor before 0.1.2.15 does not properly distinguish "streamids from diff ... |
| CVE-2007-4097 | Tor before 0.1.2.15 sends "destroy cells" containing the reason for te ... |
| CVE-2007-4096 | Buffer overflow in Tor before 0.1.2.15, when using BSD natd support, a ... |
| CVE-2007-3165 | Tor before 0.1.2.14 can construct circuits in which an entry guard is ... |
| CVE-2006-4508 | Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1 ... |
| CVE-2006-3419 | Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_byte ... |
| CVE-2006-3418 | Tor before 0.1.1.20 does not validate that a server descriptor's finge ... |
| CVE-2006-3417 | Tor client before 0.1.1.20 prefers entry points based on is_fast or is ... |
| CVE-2006-3416 | Tor before 0.1.1.20 kills the circuit when it receives an unrecognized ... |
| CVE-2006-3415 | Tor before 0.1.1.20 uses improper logic to validate the "OR" destinati ... |
| CVE-2006-3414 | Tor before 0.1.1.20 supports server descriptors that contain hostnames ... |
| CVE-2006-3413 | The privoxy configuration file in Tor before 0.1.1.20, when run on App ... |
| CVE-2006-3412 | Tor before 0.1.1.20 does not sufficiently obey certain firewall option ... |
| CVE-2006-3411 | TLS handshakes in Tor before 0.1.1.20 generate public-private keys bas ... |
| CVE-2006-3410 | Tor before 0.1.1.20 creates "internal circuits" primarily consisting o ... |
| CVE-2006-3409 | Integer overflow in Tor before 0.1.1.20 allows remote attackers to exe ... |
| CVE-2006-3408 | Unspecified vulnerability in the directory server (dirserver) in Tor b ... |
| CVE-2006-3407 | Tor before 0.1.1.20 allows remote attackers to spoof log entries or po ... |
| CVE-2006-0414 | Tor before 0.1.1.20 allows remote attackers to identify hidden service ... |
| CVE-2005-2643 | Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and ... |
| CVE-2005-2050 | Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers t ... |