Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-34548

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-29 Jun, 2021 | 11:00
Updated At-04 Aug, 2024 | 00:12
Rejected At-
Credits

An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:29 Jun, 2021 | 11:00
Updated At:04 Aug, 2024 | 00:12
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://gitlab.torproject.org/tpo/core/tor/-/issues/40389
x_refsource_MISC
https://blog.torproject.org/node/2041
x_refsource_CONFIRM
https://security.gentoo.org/glsa/202107-25
vendor-advisory
x_refsource_GENTOO
http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html
x_refsource_MISC
Hyperlink: https://gitlab.torproject.org/tpo/core/tor/-/issues/40389
Resource:
x_refsource_MISC
Hyperlink: https://blog.torproject.org/node/2041
Resource:
x_refsource_CONFIRM
Hyperlink: https://security.gentoo.org/glsa/202107-25
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://gitlab.torproject.org/tpo/core/tor/-/issues/40389
x_refsource_MISC
x_transferred
https://blog.torproject.org/node/2041
x_refsource_CONFIRM
x_transferred
https://security.gentoo.org/glsa/202107-25
vendor-advisory
x_refsource_GENTOO
x_transferred
http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html
x_refsource_MISC
x_transferred
Hyperlink: https://gitlab.torproject.org/tpo/core/tor/-/issues/40389
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://blog.torproject.org/node/2041
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://security.gentoo.org/glsa/202107-25
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:29 Jun, 2021 | 11:15
Updated At:08 Aug, 2023 | 14:21

An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
torproject
torproject
>>tor>>Versions before 0.3.5.15(exclusive)
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
torproject
torproject
>>tor>>Versions from 0.4.0.0(inclusive) to 0.4.4.9(exclusive)
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
torproject
torproject
>>tor>>Versions from 0.4.5.0(inclusive) to 0.4.5.9(exclusive)
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
torproject
torproject
>>tor>>Versions from 0.4.6.0(inclusive) to 0.4.6.5(exclusive)
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-290Primarynvd@nist.gov
CWE ID: CWE-290
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.htmlcve@mitre.org
Third Party Advisory
VDB Entry
https://blog.torproject.org/node/2041cve@mitre.org
Release Notes
Vendor Advisory
https://gitlab.torproject.org/tpo/core/tor/-/issues/40389cve@mitre.org
Broken Link
https://security.gentoo.org/glsa/202107-25cve@mitre.org
Third Party Advisory
Hyperlink: http://packetstormsecurity.com/files/163510/Tor-Half-Closed-Connection-Stream-Confusion.html
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://blog.torproject.org/node/2041
Source: cve@mitre.org
Resource:
Release Notes
Vendor Advisory
Hyperlink: https://gitlab.torproject.org/tpo/core/tor/-/issues/40389
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: https://security.gentoo.org/glsa/202107-25
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

29Records found
CVE-2020-15572
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.19%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 16:02
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-0375
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-1.40% / 79.63%
||
7 Day CHG~0.00%
Published-09 Jun, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.

Action-Not Available
Vendor-torprojectn/a
Product-torTor before 0.3.0.8
CWE ID-CWE-617
Reachable Assertion
CVE-2012-4419
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.62% / 81.08%
||
7 Day CHG~0.00%
Published-14 Sep, 2012 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CVE-2012-4922
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-5.59% / 89.94%
||
7 Day CHG~0.00%
Published-14 Sep, 2012 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vulnerability than CVE-2012-4419.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-10592
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.00% / 82.92%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 12:16
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.

Action-Not Available
Vendor-torprojectn/aopenSUSE
Product-torbackportsleapn/a
CVE-2012-2250
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-03 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.2.3.24-rc allows remote attackers to cause a denial of service (assertion failure and daemon exit) by performing link protocol negotiation incorrectly.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CVE-2021-34549
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.76%
||
7 Day CHG~0.00%
Published-29 Jun, 2021 | 11:08
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-28089
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.69% / 81.47%
||
7 Day CHG~0.00%
Published-19 Mar, 2021 | 04:18
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.

Action-Not Available
Vendor-torprojectn/aFedora Project
Product-torfedoran/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-33903
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.92%
||
7 Day CHG~0.00%
Published-17 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 08:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CVE-2017-0376
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.82% / 73.43%
||
7 Day CHG~0.00%
Published-09 Jun, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.

Action-Not Available
Vendor-torprojectn/aDebian GNU/Linux
Product-tordebian_linuxTor before 0.3.0.8
CWE ID-CWE-617
Reachable Assertion
CVE-2016-8860
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.68% / 85.25%
||
7 Day CHG~0.00%
Published-04 Jan, 2017 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.2.8.9 and 0.2.9.x before 0.2.9.4-alpha had internal functions that were entitled to expect that buf_t data had NUL termination, but the implementation of or/buffers.c did not ensure that NUL termination was present, which allows remote attackers to cause a denial of service (client, hidden service, relay, or authority crash) via crafted data.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-1254
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-3.04% / 86.13%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.

Action-Not Available
Vendor-torprojectn/aopenSUSEDebian GNU/LinuxFedora Project
Product-torfedoraleapdebian_linuxopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-0490
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-1.03% / 76.45%
||
7 Day CHG~0.00%
Published-05 Mar, 2018 | 15:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and directory-authority crash) via a misformatted relay descriptor that is mishandled during voting.

Action-Not Available
Vendor-torprojectn/aDebian GNU/Linux
Product-tordebian_linuxTor
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-0491
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-8.04% / 91.75%
||
7 Day CHG~0.00%
Published-05 Mar, 2018 | 15:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.

Action-Not Available
Vendor-torprojectn/a
Product-torTor
CWE ID-CWE-416
Use After Free
CVE-2015-2928
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.58%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:22
Updated-06 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.

Action-Not Available
Vendor-torprojectThe Tor Project
Product-torTor
CVE-2020-10593
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.22% / 78.21%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 12:22
Updated-04 Aug, 2024 | 11:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_circ because a circuit-padding machine can be negotiated twice on the same circuit.

Action-Not Available
Vendor-torprojectn/aopenSUSE
Product-torbackports_sleleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2012-5573
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-2.48% / 84.69%
||
7 Day CHG~0.00%
Published-01 Jan, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass intended flow-control restrictions via a RELAY_COMMAND_SENDME command.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CVE-2012-2249
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5||MEDIUM
EPSS-0.47% / 63.77%
||
7 Day CHG~0.00%
Published-03 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a renegotiation attempt that occurs after the initiation of the V3 link protocol.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CVE-2019-8955
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.04% / 83.11%
||
7 Day CHG~0.00%
Published-21 Feb, 2019 | 23:00
Updated-04 Aug, 2024 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2015-2929
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.53%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:22
Updated-06 Aug, 2024 | 05:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor.

Action-Not Available
Vendor-torprojectThe Tor Project
Product-torTor
CVE-2015-2689
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.65% / 69.85%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:46
Updated-06 Aug, 2024 | 05:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle pending-connection resolve states during periods of high DNS load, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets.

Action-Not Available
Vendor-torprojectThe Tor Project
Product-torTor
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2688
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.5||HIGH
EPSS-0.57% / 67.56%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:46
Updated-06 Aug, 2024 | 05:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets.

Action-Not Available
Vendor-torprojectThe Tor Project
Product-torTor
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-38385
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.63% / 69.47%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-34550
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.83% / 73.62%
||
7 Day CHG~0.00%
Published-29 Jun, 2021 | 11:11
Updated-04 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descriptor

Action-Not Available
Vendor-torprojectn/a
Product-torn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-28090
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-2.69% / 85.27%
||
7 Day CHG~0.00%
Published-19 Mar, 2021 | 04:19
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002.

Action-Not Available
Vendor-torprojectn/aFedora Project
Product-torfedoran/a
CWE ID-CWE-617
Reachable Assertion
CVE-2021-41753
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.44% / 79.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2021 | 16:22
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in D-Link DIR-X1560, v1.04B04, and DIR-X6060, v1.11B04 allows a remote unauthenticated attacker to disconnect a wireless client via sending specific spoofed SAE authentication frames.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-x1560_firmwaredir-x6060_firmwaredir-x1560dir-x6060n/a
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2023-28452
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.81%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 00:00
Updated-19 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.

Action-Not Available
Vendor-coredns.ion/a
Product-corednsn/a
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2021-40288
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.96% / 82.73%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 19:13
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-archer_ax10archer_ax10_firmwaren/a
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2020-10136
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-5.3||MEDIUM
EPSS-19.96% / 95.25%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 08:35
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.

Action-Not Available
Vendor-treckdigiCisco Systems, Inc.HP Inc.The IETF Administration LLC (IETF LLC)
Product-nexus_93180lc-exnexus_56128pnexus_3132qnexus_9332pqnexus_93108tc-exucs_6332-16upnexus_3016x3220nr_firmwarenx-osnexus_9372pxnexus_9508nexus_5696qnexus_93120txnexus_92304qcnexus_93128txnexus_9336pq_aci_spineucs_6248upnexus_6004nexus_1000venexus_9504nexus_3048nexus_6001nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2sarosucs_6324nexus_9396txnexus_9332cnexus_9364cnexus_7000nexus_92348gc-xnexus_5020nexus_3064nexus_9336c-fx2unified_computing_systemucs_6332nexus_5548pnexus_5548upnexus_5648qnexus_9348gc-fxpnexus_3172nexus_9272qnexus_9396pxucs_6296upnexus_5010nexus_93216tc-fx2nexus_1000vnexus_5672upnexus_5596tnexus_93240yc-fx2nexus_93180yc-fxnexus_9372txnexus_5624qnexus_3064-tucs_managernexus_93180yc-exnexus_9372px-enexus_9236cnexus_9516nexus_5596upnexus_7700tcp\/ipRFC2003 - IP Encapsulation within IP
CWE ID-CWE-290
Authentication Bypass by Spoofing
Details not found