CVEs affecting projects tracked on Release Alert, from NVD & OSV.
Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.