CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2023-23589 – Gentoo Linux Security Advisory 202305-11
https://notcve.org/view.php?id=CVE-2023-23589
14 Jan 2023 — The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. La opción SafeSocks en Tor anterior a 0.4.7.13 tiene un error lógico en el que se puede usar el protocolo SOCKS4 inseguro pero no el protocolo SOCKS4a seguro, también conocido como TROVE-2022-002. A logic error was discovered in the implementation of the "SafeSocks" option of Tor, a connection-based low-latency anonymous communication system, wh... • https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-38385 – Gentoo Linux Security Advisory 202305-11
https://notcve.org/view.php?id=CVE-2021-38385
17 Aug 2021 — Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007. Tor versiones anteriores a 0.3.5.16, 0.4.5.10, y 0.4.6.7, maneja inapropiadamente la relación entre la verificación de firma por lotes y la verificación de firma única, conllevando a un fallo de aserción remota, también se conoce como TROVE-2021-007. Henry de Valence reported a flaw in the signature verificat... • https://blog.torproject.org • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-34549 – Gentoo Linux Security Advisory 202107-25
https://notcve.org/view.php?id=CVE-2021-34549
28 Jun 2021 — An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency. Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-005. Un hashing es manejado inapropiadamente para determinadas recuperaciones de datos del circuito. • https://blog.torproject.org/node/2041 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2021-34548 – Tor Half-Closed Connection Stream Confusion
https://notcve.org/view.php?id=CVE-2021-34548
14 Jun 2021 — An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream. Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-003. Un atacante puede falsificar las funciones RELAY_END o RELAY_RESOLVED para omitir el control de acceso previsto para terminar un flujo Tor suffers from an issue where half-closed connection tracking ignores layer_hint and due to t... • https://packetstorm.news/files/id/163510 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-34550 – Gentoo Linux Security Advisory 202107-25
https://notcve.org/view.php?id=CVE-2021-34550
14 Jun 2021 — An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descriptor Se ha detectado un problema en Tor versiones anteriores a 0.4.6.5, también se conoce como TROVE-2021-006. El análisis del descriptor del servicio de v3 onion, permite un acceso a la memoria fuera de límites, y un bloqueo del cliente, por medio de un descriptor de servicio onion diseñado Multiple security vuln... • https://blog.torproject.org/node/2041 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28090 – Debian Security Advisory 4871-1
https://notcve.org/view.php?id=CVE-2021-28090
19 Mar 2021 — Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002. Tor versiones anteriores a 0.4.5.7, permite a un atacante remoto causar que autoridades del directorio de Tor salgan con un fallo de aserción, también se conoce como TROVE-2021-002 Two vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could lead to excessive CPU usage or cause a directory authority to crash. • https://blog.torproject.org/node/2009 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-28089 – Debian Security Advisory 4871-1
https://notcve.org/view.php?id=CVE-2021-28089
19 Mar 2021 — Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001. Tor versiones anteriores a 0.4.5.7, permite a un participante remoto en el protocolo de directorio de Tor agotar los recursos de la CPU en un objetivo, también se conoce como TROVE-2021-001 Two vulnerabilities were discovered in Tor, a connection-based low-latency anonymous communication system, which could lead to excessive CPU usage or cause a directory authority to crash. • https://blog.torproject.org/node/2009 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-15572
https://notcve.org/view.php?id=CVE-2020-15572
09 Jul 2020 — Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001. Tor versiones anteriores a 0.4.3.6, presenta un acceso de la memoria fuera de límites que permite un ataque de denegación de servicio remoto (bloqueo) contra instancias de Tor creadas para usar Mozilla Network Security Services (NSS), también se conoce como TROVE-2020-001 • https://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2020-8516
https://notcve.org/view.php?id=CVE-2020-8516
02 Feb 2020 — The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to discover circuit information. NOTE: The network team of Tor claims this is an intended behavior and not a vulnerability ** EN DISPUTA ** El demonio en Tor hasta la versión 0.4.1.8 y versiones 0.4.2.x hasta la versión 0.4.2.6, no comprueba que un nodo rendezvous sea conocido antes de intentar conectarse a él, lo qu... • https://lists.torproject.org/pipermail/tor-dev/2020-February/014146.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2688
https://notcve.org/view.php?id=CVE-2015-2688
24 Jan 2020 — buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets. La función buf_pullup en Tor versiones anteriores a 0.2.4.26 y versiones 0.2.5.x anteriores a 0.2.5.11, no maneja apropiadamente los tiempos de llegada inesperados de búferes con diseños no válidos, lo que permite a atacantes remotos causar una denega... • https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html • CWE-755: Improper Handling of Exceptional Conditions •