Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tcpdump Subscribe
Total 176 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15167 1 Tcpdump 1 Tcpdump 2022-09-01 N/A 9.1 CRITICAL
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.
CVE-2018-14463 7 Apple, Debian, F5 and 4 more 7 Mac Os X, Debian Linux, Traffix Sdc and 4 more 2022-08-26 5.0 MEDIUM 7.5 HIGH
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
CVE-2019-15166 8 Apple, Canonical, Debian and 5 more 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more 2022-04-13 5.0 MEDIUM 7.5 HIGH
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2019-15165 7 Apple, Canonical, Debian and 4 more 11 Ipados, Iphone Os, Mac Os X and 8 more 2022-04-08 5.0 MEDIUM 5.3 MEDIUM
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
CVE-2018-16301 1 Tcpdump 1 Tcpdump 2022-02-14 4.4 MEDIUM 7.8 HIGH
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
CVE-2021-41043 1 Tcpdump 1 Tcpslice 2022-01-12 4.3 MEDIUM 5.5 MEDIUM
Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact.
CVE-2011-1935 1 Tcpdump 1 Libpcap 2021-06-15 7.5 HIGH 9.8 CRITICAL
pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.
CVE-2020-8037 4 Apple, Debian, Fedoraproject and 1 more 5 Mac Os X, Macos, Debian Linux and 2 more 2021-05-05 5.0 MEDIUM 7.5 HIGH
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
CVE-2020-8036 1 Tcpdump 1 Tcpdump 2020-11-25 5.0 MEDIUM 7.5 HIGH
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.
CVE-2017-13687 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2020-10-28 7.5 HIGH 9.8 CRITICAL
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
CVE-2017-13725 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2020-10-28 7.5 HIGH 9.8 CRITICAL
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVE-2017-13028 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2020-10-28 7.5 HIGH 9.8 CRITICAL
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
CVE-2017-13024 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2020-10-28 7.5 HIGH 9.8 CRITICAL
The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().
CVE-2017-13020 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2020-10-28 7.5 HIGH 9.8 CRITICAL
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVE-2017-13004 2 Debian, Tcpdump 2 Debian Linux, Tcpdump 2020-10-28 7.5 HIGH 9.8 CRITICAL
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
CVE-2017-12987 3 Debian, Redhat, Tcpdump 5 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2020-10-23 7.5 HIGH 9.8 CRITICAL
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVE-2017-12899 3 Debian, Redhat, Tcpdump 5 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2020-10-23 7.5 HIGH 9.8 CRITICAL
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVE-2017-12902 3 Debian, Redhat, Tcpdump 5 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2020-10-23 7.5 HIGH 9.8 CRITICAL
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
CVE-2017-12896 3 Debian, Redhat, Tcpdump 5 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2020-10-23 7.5 HIGH 9.8 CRITICAL
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
CVE-2018-19519 1 Tcpdump 1 Tcpdump 2020-08-24 4.3 MEDIUM 5.5 MEDIUM
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.