Vulnerabilities > Tcpdump > Libpcap > 1.6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-03 | CVE-2019-15165 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 |
| 2019-10-03 | CVE-2019-15164 | Server-Side Request Forgery (SSRF) vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | 5.3 |
| 2019-10-03 | CVE-2019-15163 | NULL Pointer Dereference vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. | 7.5 |
| 2019-10-03 | CVE-2019-15162 | Insufficient Verification of Data Authenticity vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. | 5.3 |
| 2019-10-03 | CVE-2019-15161 | Incorrect Calculation of Buffer Size vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. | 5.3 |