Vulnerabilities > Tcpdump > Libpcap > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-31 | CVE-2023-7256 | Double Free vulnerability in Tcpdump Libpcap In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. | 4.4 |
| 2024-08-31 | CVE-2024-8006 | NULL Pointer Dereference vulnerability in Tcpdump Libpcap Remote packet capture support is disabled by default in libpcap. | 4.4 |
| 2019-10-03 | CVE-2019-15165 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 |
| 2019-10-03 | CVE-2019-15164 | Server-Side Request Forgery (SSRF) vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | 5.3 |
| 2019-10-03 | CVE-2019-15162 | Insufficient Verification of Data Authenticity vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. | 5.3 |
| 2019-10-03 | CVE-2019-15161 | Incorrect Calculation of Buffer Size vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. | 5.3 |