Vulnerabilities > TOR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-25 | CVE-2010-0384 | Information Exposure vulnerability in TOR Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files. | 2.1 |
| 2010-01-25 | CVE-2010-0383 | Information Exposure vulnerability in TOR Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations. | 5.0 |
| 2009-07-10 | CVE-2009-2426 | Remote Security vulnerability in Tor The connection_edge_process_relay_cell_not_open function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. | 5.0 |
| 2009-07-10 | CVE-2009-2425 | Improper Input Validation vulnerability in TOR 0.2.0.35 Tor before 0.2.0.35 allows remote attackers to cause a denial of service (application crash) via a malformed router descriptor. | 5.0 |
| 2009-03-18 | CVE-2009-0939 | Denial of Service vulnerability in Tor Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0. | 10.0 |
| 2009-03-18 | CVE-2009-0938 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input." | 5.0 |
| 2009-03-18 | CVE-2009-0937 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors. | 5.0 |
| 2009-03-18 | CVE-2009-0936 | Denial of Service vulnerability in Tor Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes." | 5.0 |
| 2009-02-20 | CVE-2009-0654 | Remote Security vulnerability in Tor Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell recognition errors at the exit router. | 5.1 |
| 2009-02-03 | CVE-2009-0414 | Resource Management Errors vulnerability in TOR Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption. | 10.0 |