Known Vulnerabilities for products from Tcpdump
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Tcpdump".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-1801 | The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. | 6.5 - MEDIUM | 2023-04-07 | 2023-12-23 |
| CVE-2021-41043 | Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. | 5.5 - MEDIUM | 2022-01-05 | 2022-01-12 |
| CVE-2020-8037 | The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | 7.5 - HIGH | 2020-11-04 | 2023-11-07 |
| CVE-2020-8036 | The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. | 7.5 - HIGH | 2020-11-04 | 2020-11-25 |
| CVE-2019-1010220 | tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Ad... | 3.3 - LOW | 2019-07-22 | 2023-11-07 |
| CVE-2019-15167 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.1 - CRITICAL | 2022-08-27 | 2022-09-01 |
| CVE-2019-15166 | lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2019-15165 | sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 - MEDIUM | 2019-10-03 | 2023-11-07 |
| CVE-2019-15164 | rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | 5.3 - MEDIUM | 2019-10-03 | 2023-11-07 |
| CVE-2019-15163 | rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon cr... | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2019-15162 | rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which migh... | 5.3 - MEDIUM | 2019-10-03 | 2023-11-07 |
| CVE-2019-15161 | rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an ... | 5.3 - MEDIUM | 2019-10-03 | 2023-11-07 |
| CVE-2018-19519 | In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data ... | 5.5 - MEDIUM | 2018-11-25 | 2023-11-07 |
| CVE-2018-16452 | The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2018-16451 | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANM... | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2018-16301 | The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this v... | 7.8 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2018-16300 | The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursio... | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2018-16230 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2018-16229 | The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |
| CVE-2018-16228 | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | 7.5 - HIGH | 2019-10-03 | 2023-11-07 |