Vulnerabilities > Tcpdump
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-07 | CVE-2023-1801 | Out-of-bounds Write vulnerability in Tcpdump 4.99.3 The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. | 6.5 |
| 2022-01-05 | CVE-2021-41043 | Use After Free vulnerability in Tcpdump Tcpslice Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. | 4.3 |
| 2020-11-04 | CVE-2020-8037 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | 7.5 |
| 2020-11-04 | CVE-2020-8036 | Out-of-bounds Read vulnerability in Tcpdump 4.10.0 The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. | 5.0 |
| 2019-10-03 | CVE-2019-15165 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 |
| 2019-10-03 | CVE-2019-15164 | Server-Side Request Forgery (SSRF) vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | 5.3 |
| 2019-10-03 | CVE-2019-15163 | NULL Pointer Dereference vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. | 7.5 |
| 2019-10-03 | CVE-2019-15162 | Insufficient Verification of Data Authenticity vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. | 5.3 |
| 2019-10-03 | CVE-2019-15161 | Incorrect Calculation of Buffer Size vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. | 5.3 |
| 2019-10-03 | CVE-2019-15166 | Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 7.5 |