23 matches found
EUVD-2026-28237
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...
EUVD-2026-28238
Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...
Tor 安全漏洞
Tor is a virtual tunnel network operated by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained security vulnerabilities; these vulnerabilities stemmed from the possibility of attempting o...
UK Construction Firm Hit by Prometei Botnet Hiding in Windows Server
Cybersecurity firm eSentire's TRU break down the Russian Prometei botnet attack on a UK firm, detailing its TOR usage, password theft and decoy tactics...
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense , describing it as...
SUSE CVE-2021-34548
An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAYEND or RELAYRESOLVED to bypass the intended access control for ending a stream...
What is Tor?
Tor, The Onion Router Tor The Onion Router is free software used to keep your online communications safe and secure from outside observers. It’s designed to block tracking and eavesdropping, resist fingerprinting where services tie your browser and device information to an identity, and to hide t...
CVE-2021-21323
Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests that bypassed the Brave Tor proxy. Users with adblocking enabled would leak DNS requests from Tor...
Tor Denial of Service Vulnerability
The Onion Router Tor is an implementation of Onion Routing. It is primarily used for anonymous access to the Internet. A security vulnerability exists in Tor versions prior to 0.3.5.10, 0.4.x prior to 0.4.1.9, and 0.4.2.x prior to 0.4.2.7. A remote attacker could exploit this vulnerability to cau...
Tor Resource Management Error Vulnerability
The Onion Router Tor is an implementation of Onion Routing. It is primarily used for anonymous access to the Internet. A resource management error vulnerability exists in Tor versions prior to 0.3.5.10, 0.4.x prior to 0.4.1.9, and 0.4.2.x prior to 0.4.2.7. A remote attacker could exploit this...
The Onion Router Information Disclosure Vulnerability
The Onion Router Tor is an implementation of Onion Routing. It is primarily used for anonymous access to the Internet. An information disclosure vulnerability exists in this version of Tor Browser prior to 8.0.1, which can be exploited by unauthorized attackers to obtain sensitive information abo...
Tor has an unspecified vulnerability
Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. A security vulnerability exists in Tor. An attacker can exploit the vulnerability to turn off log warnings...
Dark Web Users Suspect "Dream Market" Has Also Been Backdoored by Feds
By now you might be aware of the took down of two of the largest online dark websites—AlphaBay and Hansa—in what's being called the largest-ever international operation against the dark web's black market conducted by the FBI, DEA Drug Enforcement Agency and Dutch National Police. But the...
Tor Denial of Service Vulnerability (CNVD-2017-14148)
Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. A denial of service vulnerability exists in the 'relaysendendcellfromedge' function of the hidden services function in versions of Tor prior to 0.3.0.8. An attacker ca...
UBUNTU-CVE-2017-0376
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the connectionedgeprocessrelaycell function via a BEGINDIR cell on a rendezvous circuit...
APT29 Domain Fronting With TOR
Mandiant has observed Russian nation-state attackers APT29 employing domain fronting techniques for stealthy backdoor access to victim environments for at least two years. There has been considerable discussion about domain fronting following the release of a paper detailing these techniques...
APT29 Domain Fronting With TOR
Mandiant has observed Russian nation-state attackers APT29 employing domain fronting techniques for stealthy backdoor access to victim environments for at least two years. There has been considerable discussion about domain fronting following the release of a paper detailing these techniques...
Tor Denial of Service Vulnerability (CNVD-2016-10364)
Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. Versions of Tor prior to 0.2.8.9 contain a security vulnerability that could allow an attacker to crash a tor client, service, or tor organization...
DEBIAN-CVE-2011-4897
Tor before 0.2.2.25-alpha, when configured as a relay without the Nickname configuration option, uses the local hostname as the Nickname value, which allows remote attackers to obtain potentially sensitive information by reading this value...
Tor日志文件信息泄露漏洞
CVE ID: CVE-2010-0384 Tor(The Onion Router)是第二代洋葱路由的一种实现,用户通过Tor可以在因特网上进行匿名交流。 如果将Tor用作了目录镜像,在检测到错误的客户端行为的时候就可能在日志中记录客户端的IP地址。本地用户通过读取日志文件就可以发现客户端的身份。 Tor 0.2.2.x 厂商补丁: Tor --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://www.torproject.org/easy-download...