Tor


Program Statistics


31 total issues disclosed

$6,100 total paid publicly

Most disclosed (10 disclosures) — Memory Corruption - Generic



Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
| --- | --- | --- | --- | --- |
| Email Spoofing Possible on torproject.org Email Domain | Business Logic Errors | greenwolf | Medium | 2018-10-16 |
| Expose user IP if TOR crashs | None supplied | rbcafe | No rating | 2018-09-21 |
| Expose relay IP in the debug (The source is different from the rendering) | None supplied | rbcafe | No rating | 2018-07-21 |
| De-anonymization by visiting specially crafted bookmark. | Information Disclosure | qab | High | 2018-07-03 |
| Tor Browser: iframe with `data:` uri has access to parent window | None supplied | metnew | High | 2018-06-06 |
| [tor] pre-emptive defenses, potential vulnerabilities | Violation of Secure Design Principles | guido | No rating | 2017-11-26 |
| 16 instances where return value of OpenSSL i2d_RSAPublicKey is discarded -- might lead to use of uninitialized memory | Information Disclosure | guido | No rating | 2017-11-26 |
| Access to local file system using javascript | Violation of Secure Design Principles | cuso4 | High | 2017-11-18 |
| Use of uninitialized value in networkstatus_parse_vote_from_string (src/or/routerparse.c:3533) | Memory Corruption - Generic | geeknik | None | 2017-10-31 |
| Cross-domain linkability when system time changed in Tor Browser | Privacy Violation | xiaoyinl | Low | 2017-10-26 |
| Linux TBB SFTP URI allows local IP disclosure | Information Disclosure | julianjackson | Critical | 2017-10-25 |
| Use of uninitialized value in memarea_strdup (src/common/memarea.c:369) | Memory Corruption - Generic | geeknik | No rating | 2017-10-25 |
| Crashes/Buffer at 0x2C0086,name=PBrowser::Msg_Destroy | Classic Buffer Overflow | dhiraj-mishra | Medium | 2017-10-24 |
| Preferred language option fingerprinting issue in Tor Browser | Information Disclosure | xiaoyinl | Low | 2017-10-24 |
| Use-after-free during XML transformations (MFSA-2016-27) | Memory Corruption - Generic | agarri_fr | No rating | 2017-10-21 |
| Uncloaking hidden services and hidden service users | Man-in-the-Middle | hackerfactor | No rating | 2017-10-20 |
| Scrollbar Width permits detecting browser platform | Information Disclosure | hackerfactor | Low | 2017-10-20 |
| Simple CSS line-height identifies platform | Information Disclosure | hackerfactor | Low | 2017-10-20 |
| languagechange event fires simultaneously on all tabs | Privacy Violation | tomvg | Low | 2017-10-19 |
| Enforce minimum master password complexity | Password in Configuration File | dhiraj-mishra | Medium | 2017-10-19 |
| libevent (stack) buffer overflow in evutil_parse_sockaddr_port | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| [tor] libevent dns remote stack overread vulnerability | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| smartlist_add, smartlist_insert (may) cause heap corruption as a result of inadequate checks in smartlist_ensure_capacity | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| Heap corruption via memarea.c | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| [tor] libevent dns OOB read | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| [tor] control connection pre-auth DoS (infinite loop) with --enable-bufferevents | Denial of Service | guido | No rating | 2017-10-19 |
| potential memory corruption in or/buffers.c (particularly on 32 bit) | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| Overreads/overcopies in torsocks | Memory Corruption - Generic | guido | No rating | 2017-10-19 |
| Stack overflow in UnbindFromTree (browser can be crashed remotely) | Stack Overflow | geeknik | High | 2017-10-02 |
| Sql query disclosure, | Information Disclosure | utkarsh1 | Low | 2017-09-18 |
| [Android org.torproject.android] Possible to force list of bridges | Forced Browsing | bagipro | High | 2017-08-21 |