Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tcpdump Subscribe

Filtered by product Tcpdump

Total 169 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-7983	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2016-7973	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
CVE-2016-8574	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2017-5341	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5342	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2016-7993	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2017-5482	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5483	1 Tcpdump	1 Tcpdump	2018-01-04	7.5 HIGH	9.8 CRITICAL
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2007-1218	1 Tcpdump	1 Tcpdump	2017-10-10	6.8 MEDIUM	N/A
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.