Tor
by Torproject
Standard maintenance is sufficient
Tor has low exploitation rates. Attackers rarely target this software's known vulnerabilities.
What to do
- Keep automatic updates enabled
- No urgent action needed
- Review periodically as part of normal maintenance
What Attackers Target
Vulnerabilities with high exploit probability
3.6%
Confirmed actively exploited (CISA)
3.6%
Public exploit code available
3.6%
Based on 28 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2016-9079 | 7.5 | 84.8% | Yes |
| CVE-2018-0491 | 7.5 | 8.0% | — |
| CVE-2017-16541 | 6.5 | 4.5% | — |
| CVE-2016-1254 | 7.5 | 3.0% | — |
| CVE-2016-8860 | 7.5 | 2.7% | — |
| CVE-2020-10592 | 7.5 | 2.0% | — |
| CVE-2021-28090 | 5.3 | 2.0% | — |
| CVE-2019-8955 | 7.5 | 1.9% | — |
| CVE-2017-0375 | 7.5 | 1.4% | — |
| CVE-2021-28089 | 7.5 | 1.2% | — |
| CVE-2020-10593 | 7.5 | 1.2% | — |
| CVE-2018-0490 | 7.5 | 1.0% | — |
| CVE-2021-34550 | 7.5 | 0.8% | — |
| CVE-2017-0376 | 7.5 | 0.8% | — |
| CVE-2020-8516 | 5.3 | 0.8% | — |
| CVE-2015-2928 | 7.5 | 0.7% | — |
| CVE-2015-2689 | 7.5 | 0.6% | — |
| CVE-2021-34549 | 7.5 | 0.6% | — |
| CVE-2015-2688 | 7.5 | 0.6% | — |
| CVE-2020-15572 | 7.5 | 0.5% | — |
3
/ 100
low-risk
Active Threat
1/50 · Minimal
Exploit Availability
2/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.