Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15165 | 7 Apple, Canonical, Debian and 4 more | 11 Ipados, Iphone Os, Mac Os X and 8 more | 2022-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | |||||
| CVE-2011-1935 | 1 Tcpdump | 1 Libpcap | 2021-06-15 | 7.5 HIGH | 9.8 CRITICAL |
| pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets. | |||||
| CVE-2019-15161 | 1 Tcpdump | 1 Libpcap | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. | |||||
| CVE-2019-15162 | 2 Opengroup, Tcpdump | 2 Unix, Libpcap | 2019-10-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. | |||||
| CVE-2019-15163 | 1 Tcpdump | 1 Libpcap | 2019-10-26 | 5.0 MEDIUM | 7.5 HIGH |
| rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. | |||||
| CVE-2019-15164 | 1 Tcpdump | 1 Libpcap | 2019-10-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | |||||