CVE Tools

tcpdump

OSS Librariesoss-project

129

Cumulative CVEs

6

Monthly snapshots

#1

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting tcpdump.

CVE-2024-8006NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support4.4Aug 30, 2024
CVE-2023-7256Double-free in libpcap before 1.10.5 with remote packet capture support.4.4Aug 30, 2024
CVE-2023-1801The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.6.5Apr 7, 2023
CVE-2019-15167The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.9.1Aug 27, 2022
CVE-2021-41043Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact.5.5Jan 5, 2022
CVE-2020-8036str2tokbuf used incorrectly by print-someip.c7.5Nov 4, 2020
CVE-2020-8037ppp decapsulator can be convinced to allocate a large amount of memory7.5Nov 4, 2020
CVE-2019-15165sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.5.3Oct 3, 2019
CVE-2019-15164rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.5.3Oct 3, 2019
CVE-2019-15163rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.7.5Oct 3, 2019
CVE-2019-15162rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.5.3Oct 3, 2019
CVE-2019-15161rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.5.3Oct 3, 2019
CVE-2019-15166lmp_print in tcpdump lacks certain boundary checks1.6Oct 3, 2019
CVE-2018-16452The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.7.5Oct 3, 2019
CVE-2018-16451The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.7.5Oct 3, 2019