| Bug | Description |
|---|
| CVE-2005-2050 | Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers ... |
| CVE-2005-2643 | Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and ... |
| CVE-2006-0414 | Tor before 0.1.1.20 allows remote attackers to identify hidden ... |
| CVE-2006-3407 | Tor before 0.1.1.20 allows remote attackers to spoof log entries or ... |
| CVE-2006-3408 | Unspecified vulnerability in the directory server (dirserver) in Tor ... |
| CVE-2006-3409 | Integer overflow in Tor before 0.1.1.20 allows remote attackers to ... |
| CVE-2006-3410 | Tor before 0.1.1.20 creates "internal circuits" primarily consisting ... |
| CVE-2006-3411 | TLS handshakes in Tor before 0.1.1.20 generate public-private keys ... |
| CVE-2006-3412 | Tor before 0.1.1.20 does not sufficiently obey certain firewall ... |
| CVE-2006-3413 | The privoxy configuration file in Tor before 0.1.1.20, when run on ... |
| CVE-2006-3414 | Tor before 0.1.1.20 supports server descriptors that contain hostnames ... |
| CVE-2006-3415 | Tor before 0.1.1.20 uses improper logic to validate the "OR" ... |
| CVE-2006-3416 | ** DISPUTED ** ... |
| CVE-2006-3417 | Tor client before 0.1.1.20 prefers entry points based on is_fast or ... |
| CVE-2006-3418 | Tor before 0.1.1.20 does not validate that a server descriptor's ... |
| CVE-2006-3419 | Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes ... |
| CVE-2006-4508 | Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and ... |
| CVE-2007-3165 | Tor before 0.1.2.14 can construct circuits in which an entry guard is ... |
| CVE-2007-4096 | Buffer overflow in Tor before 0.1.2.15, when using BSD natd support, ... |
| CVE-2007-4097 | Tor before 0.1.2.15 sends "destroy cells" containing the reason for ... |
| CVE-2007-4098 | Tor before 0.1.2.15 does not properly distinguish "streamids from ... |
| CVE-2007-4099 | Tor before 0.1.2.15 can select a guard node beyond the first listed ... |
| CVE-2007-4174 | Tor before 0.1.2.16, when ControlPort is enabled, does not properly ... |
| CVE-2008-5397 | Tor before 0.2.0.32 does not properly process the (1) User and (2) ... |
| CVE-2008-5398 | Tor before 0.2.0.32 does not properly process the ... |
| CVE-2009-0414 | Unspecified vulnerability in Tor before 0.2.0.33 has unspecified ... |
| CVE-2009-0936 | Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to ... |
| CVE-2009-0937 | Unspecified vulnerability in Tor before 0.2.0.34 allows directory ... |
| CVE-2009-0938 | Unspecified vulnerability in Tor before 0.2.0.34 allows directory ... |
| CVE-2009-0939 | Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which ... |
| CVE-2009-2425 | Tor before 0.2.0.35 allows remote attackers to cause a denial of ... |
| CVE-2009-2426 | The connection_edge_process_relay_cell_not_open function in ... |
| CVE-2010-0383 | Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated ... |
| CVE-2010-0384 | Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory ... |
| CVE-2010-0385 | Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when ... |
| CVE-2010-1676 | Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before ... |
| CVE-2011-0015 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ... |
| CVE-2011-0016 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not ... |
| CVE-2011-0427 | Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before ... |
| CVE-2011-0490 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to ... |
| CVE-2011-0491 | The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before ... |
| CVE-2011-0492 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote ... |
| CVE-2011-0493 | Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow ... |
| CVE-2011-1924 | Buffer overflow in the policy_summarize function in or/policies.c in ... |
| CVE-2011-2768 | Tor before 0.2.2.34, when configured as a client or bridge, sends a ... |
| CVE-2011-2769 | Tor before 0.2.2.34, when configured as a bridge, accepts the CREATE ... |
| CVE-2011-2778 | Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow ... |
| CVE-2011-4894 | Tor before 0.2.2.34, when configured as a bridge, uses direct DirPort ... |
| CVE-2011-4895 | Tor before 0.2.2.34, when configured as a bridge, sets up circuits ... |
| CVE-2011-4896 | Tor before 0.2.2.24-alpha continues to use a reachable bridge that was ... |
| CVE-2011-4897 | Tor before 0.2.2.25-alpha, when configured as a relay without the ... |
| TEMP-0000000-3F0E00 | tor insufficient authentication on control port |
| TEMP-0000000-BBBF43 | Crypto weakness in Tor's handshaking process |