Torproject Tor Browser — known CVE vulnerabilities
Every CVE whose affected-product data names Torproject Tor Browser, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-16983 — CVSS 9.8 (critical): NoScript Classic before 5.1.8.7, as used in Tor Browser 7.x and other products, allows attackers to bypass script blocking via the…
CVE-2021-39246 — CVSS 6.1 (medium): Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion…
CVE-2019-13075 — CVSS 5.3 (medium): Tor Browser through 8.5.3 has an information exposure vulnerability. It allows remote attackers to detect the browser's language via…
CVE-2017-16639 — CVSS 4.3 (medium): Tor Browser on Windows before 8.0 allows remote attackers to bypass the intended anonymity feature and discover a client IP address, a…
CVE-2019-12383 — CVSS 4.3 (medium): Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by…