Lucene search
K

7 matches found

Prion
Prion
added 2024/01/16 10:15 p.m.15 views

Design/Logic Flaw

Ursa is a cryptographic library for use with blockchains. A weakness in the Hyperledger AnonCreds specification that is not mitigated in the Ursa and AnonCreds implementations is that the Issuer does not publish a key correctness proof demonstrating that a generated private key is sufficient to...

5CVSS7.1AI score0.00428EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2011/12/23 3:59 a.m.8 views

CVE-2011-2768

Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this chain and then determining the set of entry guards that the client or bridge had...

6.5AI score
Exploits0References3
Prion
Prion
added 2007/08/07 10:17 a.m.18 views

Authentication flaw

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

5.8CVSS7AI score0.0621EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2007/08/07 10:17 a.m.4 views

DEBIAN-CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

5.8CVSS7.2AI score0.0621EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/08/07 10:0 a.m.27 views

CVE-2007-4174

Tor before 0.1.2.16, when ControlPort is enabled, does not properly restrict commands to localhost port 9051, which allows remote attackers to modify the torrc configuration file, compromise anonymity, and have other unspecified impact via HTTP POST data containing commands without valid...

6.6AI score0.0621EPSS
Exploits0References9
securityvulns
securityvulns
added 2007/03/01 12:0 a.m.33 views

tor protection bypass

By declaring large resources and uptime router can force client to connect to itself, compromizing anonymity...

4.3CVSS2.1AI score0.01702EPSS
Exploits0
OSV
OSV
added 2007/02/26 5:28 p.m.7 views

CVE-2007-1103

Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations...

6.9AI score
Exploits0References5
Rows per page
Query Builder