Fedora 43 : tor (2026-0c38968a1b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0c38968a1b advisory. Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559 Tenable has extracted the preceding...

Fedora 44 : tor (2026-5ce7cc46bb)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5ce7cc46bb advisory. Update to latest upstream release https://forum.torproject.org/t/security- release-0-4-8-25-and-0-4-9-8/21559 Tenable has extracted the preceding...

CVE-2006-3411

TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys...

EUVD-2011-2752

Malware in sbrugna...

EUVD-2006-3407

Malware in sbrugna...

EUVD-2020-3043

Malware in sbrugna...

EUVD-2017-17763

Malware in sbrugna...

EUVD-2011-0512

Malware in sbrugna...

EUVD-2017-0731

Malware in sbrugna...

EUVD-2011-4812

Malware in sbrugna...

PT-2023-35516 · Openssl +1 · Openssl +1

Name of the Vulnerable Software and Affected Versions: tor versions 0.4.7.14 through 0.4.8.7 tor version 0.4.8.8 Description: The issue is related to several bugs and reliability problems in the Tor software, including a crash during handshake with a remote relay when compiled with OpenSSL,...

USN-5036-1 tor vulnerabilities

It was discovered that Tor incorrectly handled certain memory operations. A remote attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ESM. CVE-2019-8955 It was discovered that Tor did not properly handle the input length to dumpdesc function. A remot...

OPENSUSE-SU-2021:0334-1 Security update for tor

This update for tor fixes the following issues: tor was updated to 0.4.5.6: https://lists.torproject.org/pipermail/tor-announce/2021-February/000214.html Introduce a new MetricsPort HTTP interface Support IPv6 in the torrc Address option Add event-tracing library support for USDT and LTTng-UST Tr...

OPENSUSE-SU-2017:3203-1 Security update for tor

This update for tor fixes vulnerabilities that allowed some traffic confirmation, DoS and other attacks bsc1070849: - CVE-2017-8819: Replay-cache ineffective for v2 onion services - CVE-2017-8820: Remote DoS attack against directory authorities - CVE-2017-8821: An attacker can make Tor ask for a...

CVE-2011-2778

Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code by 1 establishing a SOCKS connection to SocksPort or 2 leveraging a SOCKS proxy configuration...

CVE-2011-0016

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process...

CVE-2010-0383

Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain directory authorities, which makes it easier for man-in-the-middle attackers to compromise the anonymity of traffic sources and destinations...

GLSA-200904-11 : Tor: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200904-11 Tor: Multiple vulnerabilities Theo de Raadt reported that the application does not properly drop privileges to the primary groups of the user specified via the 'User' configuration option CVE-2008-5397. rovv reported tha...

CVE-2006-6893

Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through 1 ICMP timestamps, 2 TCP sequence numbers, and 3 TCP timestamps, ...