CVE-2010-0384

Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log...

EUVD-2020-3042

Malware in sbrugna...

EUVD-2006-3415

Malware in sbrugna...

EUVD-2015-3013

Malware in sbrugna...

CVE-2006-3418

Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows remote attackers to spoof the fingerprint line, which might be trusted by users or other applications...

MGASA-2017-0444 Updated tor packages fix security vulnerability

When checking for replays in the INTRODUCE1 cell data for a legacy onion service, Tor didn't correctly detect replays in the RSA- encrypted part of the cell. It was previously checking for replays on the entire cell, but those can be circumvented due to the malleability of Tor's legacy hybrid...

CVE-2006-3409

Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists...